REST Resource: projects.locations.instances.curatedRuleSetCategories.curatedRuleSets

Resource: CuratedRuleSet
- JSON representation
Platform
Quota
- JSON representation
Methods

Resource: CuratedRuleSet

Describes a set of rules curated by Chronicle.

JSON representation

JSON representation
{ "name": string, "displayName": string, "authors": [ string ], "description": string, "platforms": [ enum (`Platform`) ], "logSources": [ string ], "createTime": string, "updateTime": string, "tactics": [ { object (`MitreTactic`) } ], "techniques": [ { object (`MitreTechnique`) } ], "quota": { object (`Quota`) } }

{
  "name": string,
  "displayName": string,
  "authors": [
    string
  ],
  "description": string,
  "platforms": [
    enum (Platform)
  ],
  "logSources": [
    string
  ],
  "createTime": string,
  "updateTime": string,
  "tactics": [
    {
      object (MitreTactic)
    }
  ],
  "techniques": [
    {
      object (MitreTechnique)
    }
  ],
  "quota": {
    object (Quota)
  }
}

Fields
`name`	`string` The resource name of the rule set. Format: 'projects/{project}/locations/{location}/instances/{instance}/CuratedRuleSetCategory/{curatedRuleSetCategory}/curatedRuleSets/{curatedRuleSet}'
`displayName`	`string` Output only. The unique display name of the rule set.
`authors[]`	`string` Output only. The rule set's author(s).
`description`	`string` Output only. A description of the rule set.
`platforms[]`	`enum (Platform)` Output only. The platforms that the rule set targets.
`logSources[]`	`string` Output only. The log sources the rule set was tested against.
`createTime`	`string (Timestamp format)` Output only. Creation time of the rule set. Uses RFC 3339, where generated output will always be Z-normalized and use 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: `"2014-10-02T15:01:23Z"`, `"2014-10-02T15:01:23.045123456Z"` or `"2014-10-02T15:01:23+05:30"`.
`updateTime`	`string (Timestamp format)` Output only. Last update time of the rule set. Uses RFC 3339, where generated output will always be Z-normalized and use 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: `"2014-10-02T15:01:23Z"`, `"2014-10-02T15:01:23.045123456Z"` or `"2014-10-02T15:01:23+05:30"`.
`tactics[]`	`object (MitreTactic)` Output only. MITRE Tactics of the rule set. e.g. TA0043
`techniques[]`	`object (MitreTechnique)` Output only. MITRE Techniques of the rule set. e.g. T1055
`quota`	`object (Quota)` Output only. Cost of the rule set. Used in calculating how many curated rule sets can be enabled.

Platform

Represents the IT platform that this rule set targets.

Enums
`PLATFORM_UNSPECIFIED`	Unspecified platform.
`GCP`	Google Cloud.
`WINDOWS`	Windows devices.
`LINUX`	Linux devices.
`MACOS`	macOS devices.
`AWS`	Amazon Web Services.

Quota

The cost of the rule set which is used to evaluate enabled deployments.

JSON representation
{ "quotaSize": integer }

Fields

Fields
`quotaSize`	`integer` The amount of quota this rule set consumes.

quotaSize

integer

The amount of quota this rule set consumes.

Methods
`countCuratedRuleSetDetections`	Counts the detections generated by a CuratedRuleSet.
`get`	Gets a CuratedRuleSet.
`list`	Lists CuratedRuleSets.

REST Resource: projects.locations.instances.curatedRuleSetCategories.curatedRuleSets

Resource: CuratedRuleSet

Platform

Quota

Methods

`countCuratedRuleSetDetections`

`get`

`list`