- HTTP request
- Path parameters
- Request body
- Response body
- Authorization scopes
- ColumnData
- ColumnType
- ColumnValue
- Date
- List
- Try it!
Full name: projects.locations.instances.dashboardQueries.execute
Execute a query and return the data.
HTTP request
POST https://chronicle.googleapis.com/v1alpha/{parent}/dashboardQueries:execute
Path parameters
| Parameters | |
|---|---|
parent |
Required. The parent, under which to run this dashboardQuery. Format: projects/{project}/locations/{region}/instances/{instance} |
Request body
The request body contains data with the following structure:
| JSON representation |
|---|
{ "query": { object ( |
| Fields | |
|---|---|
query |
Required. The query to execute and get results back for. QueryID or 'query', 'input.time_window' fields will be used. Use 'native_dashboard' and 'dashboard_chart' fields if it is an in-dashboard query. |
filters[] |
Optional. Dashboard level filters other than query string. |
Response body
Response message for executing a dashboard query.
If successful, the response body contains data with the following structure:
| JSON representation |
|---|
{ "results": [ { object ( |
| Fields | |
|---|---|
results[] |
Result rows that are queried. |
data_sources[] |
Datasource of the query and results. |
Authorization scopes
Requires the following OAuth scope:
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.
ColumnData
| JSON representation |
|---|
{
"column": string,
"values": [
{
object ( |
| Fields | |
|---|---|
column |
Used to store column names. |
values[] |
To store column data. |
ColumnType
Singular vs list of values in a column.
| JSON representation |
|---|
{ // Union field |
| Fields | |
|---|---|
Union field
|
|
value |
Single value in a column. |
list |
List of values in a column e.g. IPs |
ColumnValue
Value of the column based on data type.
| JSON representation |
|---|
{ // Union field |
| Fields | |
|---|---|
Union field
|
|
null_val |
True if the value is NULL. |
bool_val |
Boolean value. |
bytes_val |
Bytes value. A base64-encoded string. |
double_val |
Double value. |
int64_val |
Integer value (signed). |
uint64_val |
Un-signed integer value. |
string_val |
String value. Enum values are returned as strings. |
timestamp_val |
Timestamp values. Does not handle A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
date_val |
Date values. |
proto_val |
For any proto values that are not any of the above. An object containing fields of an arbitrary type. An additional field |
Date
Represents a whole or partial calendar date, such as a birthday. The time of day and time zone are either specified elsewhere or are insignificant. The date is relative to the Gregorian Calendar. This can represent one of the following:
- A full date, with non-zero year, month, and day values.
- A month and day, with a zero year (for example, an anniversary).
- A year on its own, with a zero month and a zero day.
- A year and month, with a zero day (for example, a credit card expiration date).
Related types:
google.type.TimeOfDaygoogle.type.DateTimegoogle.protobuf.Timestamp
| JSON representation |
|---|
{ "year": integer, "month": integer, "day": integer } |
| Fields | |
|---|---|
year |
Year of the date. Must be from 1 to 9999, or 0 to specify a date without a year. |
month |
Month of a year. Must be from 1 to 12, or 0 to specify a year without a month and day. |
day |
Day of a month. Must be from 1 to 31 and valid for the year and month, or 0 to specify a year by itself or a year and month where the day isn't significant. |
List
Store list of values in a column.
| JSON representation |
|---|
{
"values": [
{
object ( |
| Fields | |
|---|---|
values[] |
|