DataSource(value)LINT.IfChange(data_sources)
Enums |
|
|---|---|
| Name | Description |
DATA_SOURCE_UNSPECIFIED |
No description available. |
UDM |
No description available. |
ENTITY |
No description available. |
INGESTION_METRICS |
No description available. |
RULE_DETECTIONS |
RULE_DETECTIONS is used for detections datasource. |
RULESETS |
RULESETS is used for ruleset with detections datasource. |
GLOBAL |
GLOBAL is used for standard time range filter. |
IOC_MATCHES |
IOC_MATCHES is used for ioc_matches datasource. |
RULES |
RULES is used for rules datasource. |
SOAR_CASES |
SOAR Cases - identified as `case`. |
SOAR_PLAYBOOKS |
SOAR Playbooks - identified as `playbook`. |
SOAR_CASE_HISTORY |
SOAR Case History - identified as `case_history`. |
DATA_TABLE |
DATA_TABLE is used for data tables source. |
INVESTIGATION |
INVESTIGATION is used as the data source for triage agent investigations. Identified as `gemini_investigation`. |
INVESTIGATION_FEEDBACK |
INVESTIGATION_FEEDBACK is used as the data source for user feedback on triage agent investigations. Identified as `gemini_investigation_feedback`. |