- REST Resource: v1beta.projects.alerts
- REST Resource: v1beta.projects.alerts.documents
- REST Resource: v1beta.projects.configurations
- REST Resource: v1beta.projects.configurations.revisions
- REST Resource: v1beta.projects.findings
Service: threatintelligence.googleapis.com
Quick Start
To start calling the API with simple examples immediately, see Get Started page.
Discovery document
A Discovery Document is a machine-readable specification for describing and consuming APIs. We have the following discovery documents:
Service endpoint
A service endpoint is a base URL that specifies the network address of an API service. We have the following service endpoint and all URIs below are relative to this service endpoint:
https://threatintelligence.googleapis.com
REST Resource: v1beta.projects.alerts
| Methods | |
|---|---|
benign |
POST /v1beta/{name=projects/*/alerts/*}:benign Marks an alert as benign - BENIGN. |
duplicate |
POST /v1beta/{name=projects/*/alerts/*}:duplicate Marks an alert as a duplicate of another alert. |
enumerateFacets |
GET /v1beta/{parent=projects/*}/alerts:enumerateFacets EnumerateAlertFacets returns the facets and the number of alerts that meet the filter criteria and have that value for each facet. |
escalate |
POST /v1beta/{name=projects/*/alerts/*}:escalate Marks an alert as escalated - ESCALATED. |
falsePositive |
POST /v1beta/{name=projects/*/alerts/*}:falsePositive Marks an alert as a false positive - FALSE_POSITIVE. |
get |
GET /v1beta/{name=projects/*/alerts/*} Get an alert by name. |
list |
GET /v1beta/{parent=projects/*}/alerts Get a list of alerts that meet the filter criteria. |
notActionable |
POST /v1beta/{name=projects/*/alerts/*}:notActionable Marks an alert as not actionable - NOT_ACTIONABLE. |
read |
POST /v1beta/{name=projects/*/alerts/*}:read Marks an alert as read - READ. |
resolve |
POST /v1beta/{name=projects/*/alerts/*}:resolve Marks an alert to closed state - RESOLVED. |
trackExternally |
POST /v1beta/{name=projects/*/alerts/*}:trackExternally Marks an alert as tracked externally - TRACKED_EXTERNALLY. |
triage |
POST /v1beta/{name=projects/*/alerts/*}:triage Marks an alert as triaged - TRIAGED. |
REST Resource: v1beta.projects.alerts.documents
| Methods | |
|---|---|
get |
GET /v1beta/{name=projects/*/alerts/*/documents/*} Gets a specific document associated with an alert. |
REST Resource: v1beta.projects.configurations
| Methods | |
|---|---|
get |
GET /v1beta/{name=projects/*/configurations/*} Get a configuration by name. |
list |
GET /v1beta/{parent=projects/*}/configurations Get a list of configurations that meet the filter criteria. |
upsert |
POST /v1beta/{parent=projects/*}/configurations:upsert Creates or updates a configuration. |
REST Resource: v1beta.projects.configurations.revisions
| Methods | |
|---|---|
list |
GET /v1beta/{parent=projects/*/configurations/*}/revisions List configuration revisions that meet the filter criteria. |
REST Resource: v1beta.projects.findings
| Methods | |
|---|---|
get |
GET /v1beta/{name=projects/*/findings/*} Get a finding by name. |
list |
GET /v1beta/{parent=projects/*}/findings Get a list of findings that meet the filter criteria. |
search |
GET /v1beta/{parent=projects/*}/findings:search SearchFindings is a more powerful version of ListFindings that supports complex queries like "findings for alerts" using functions such as has_alert in the query string. |