Reference

Docs Support

English
Deutsch
Español – América Latina
Français
Italiano
Português – Brasil
中文 – 简体
日本語
한국어

Contact Us Start free

Reference

Search API

Access your security data programmatically.
Detection Engine API

Create, run, and manage Detection Engine rules.
Feed Management API

Create, run, and manage data feeds that send your logs to Chronicle.
Ingestion API

Send device logs to Chronicle programmatically using the Ingestion API.
Reference lists API

Reference lists are generic lists of values that you can create and use within Chronicle.
RBAC API

Role-based access control (RBAC) enables you to tailor access to Chronicle features based on an employee's role in your organization.
Unified Data Model field list

List of fields in the Unified Data Model (UDM).
Important UDM fields for parser data mapping

UDM fields that are important for Chronicle features or investigative use cases.
Unified Data Model usage guide

More detailed descriptions of the Unified Data Model (UDM) fields, including the required and optional attributes depending on the event type.
Supported data sets

Supported vendor and device logs that can be ingested into Chronicle.
Supported default parsers

Vendor and device logs with default parsers in Chronicle.
Chronicle health metrics schema

Schema description of the ingestion_metric table in BigQuery.
Ingestion metrics Explore field reference

Description of the fields that appear in the Ingestion metrics Explore interface.

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.