Chronicle V1 API - Module Google::Cloud::Chronicle::V1::DataSource (v0.6.0)

Reference documentation and code samples for the Chronicle V1 API module Google::Cloud::Chronicle::V1::DataSource.

Constants

DATA_SOURCE_UNSPECIFIED

value: 0

UDM

value: 1

ENTITY

value: 2

INGESTION_METRICS

value: 3

RULE_DETECTIONS

value: 4
RULE_DETECTIONS is used for the detections data source.

RULESETS

value: 5
RULESETS is used for the ruleset with detections data source.

GLOBAL

value: 6
GLOBAL is used for the standard time range filter.

IOC_MATCHES

value: 7
IOC_MATCHES is used for the ioc_matches data source.

RULES

value: 8
RULES is used for the rules data source.

SOAR_CASES

value: 9
SOAR Cases - identified as case.

SOAR_PLAYBOOKS

value: 10
SOAR Playbooks - identified as playbook.

SOAR_CASE_HISTORY

value: 11
SOAR Case History - identified as case_history.

DATA_TABLE

value: 12
DATA_TABLE is used for the data tables source.

INVESTIGATION

value: 13
INVESTIGATION is used as the data source for triage agent investigations. Identified as gemini_investigation.

INVESTIGATION_FEEDBACK

value: 14
INVESTIGATION_FEEDBACK is used as the data source for user feedback on triage agent investigations. Identified as gemini_investigation_feedback.