Resource: Instance
An Instance represents an instantiation of the Instance product.
| JSON representation |
|---|
| `{ "name": string }` |
| Fields | |
|---|---|
| `name` | Identifier. The resource name of this instance. Format: |
| Methods | |
|---|---|
| | Returns findings refinement activity for all findings refinements. |
| | ExtractSyslog extracts the structured part of a log from an unstructured log by running a grok regex over it. |
| | Identifies the entity type and retrieves relevant data associated with a specified indicator. |
| | Get alerts for an entity. |
| | Finds all the entities associated with provided entity. |
| | Finds ingested UDM field values that match a query. |
| | GenerateCollectionAgentAuth generates an auth json file for the collection agent. |
| | GenerateUDMKeyValueMappings generates key value mapping of a raw log. |
| | Gets an Instance. |
| | Get the BigQuery export configuration for a Chronicle instance. |
| | Get the EnrichmentCombination. |
| | Queries the instance to get the Risk Configurations used for the computation of Entity Risk Score. |
| | Get the set of threat collection filter options. |
| | Lists all findings refinement deployments. |
| | Gets available product sources along with their stats. |
| | Identifies the entity type and retrieves relevant data associated with a specified indicator. |
| | Submits user feedback for a specific platform interaction or feature. |
| | Parses the query and identifies the entities contained within the search query. |
| | Returns all entity data over specified time. |
| | Tests for and returns past activity for a findings refinement, including, potentially, times when the findings refinement was not yet created. |
| | Performs a UDM search that returns matching events for the query. |
| | Update the BigQuery export configuration for a Chronicle instance. |
| | Updates RiskConfig used for the computation of Entity Risk Score. |
| | Validates UDM search query by compiling the query. |
| | VerifyReferenceList validates list content and returns line errors, if any. |
| | Verifies the given rule text. |