Method: findingsGraph.exploreNode

HTTP request
Path parameters
Query parameters
Request body
Response body
- JSON representation
Authorization scopes
IAM Permissions
ExpansionOptions
- JSON representation
Try it!

Full name: projects.locations.instances.findingsGraph.exploreNode

Explores a node to find related nodes if it is an IndividualNode or retrieve the individual nodes within the group if it is a GroupNode and return a graph composed by the nodes and their edges over a time range.

HTTP request

GET https://chronicle.googleapis.com/v1alpha/{name}:exploreNode

Path parameters

Parameters

Parameters
`name`	`string` Required. The resource name of the FindingsGraph resource. Format: projects/{project}/locations/{location}/instances/{instance}/findingsGraph

name

string

Required. The resource name of the FindingsGraph resource. Format: projects/{project}/locations/{location}/instances/{instance}/findingsGraph

Query parameters

Parameters
`nodeId`	`string` Required. The unique id of the node to be explored.
Union parameter `params`. The exploration request parameters. `params` can be only one of the following:
`explorationOptions`	`object (ExplorationOptions)` Optional. Options for exploring an individual node. These options should only be supplied if the node is an IndividualNode representing a single entity or detection.
`groupExpansionOptions`	`object (ExpansionOptions)` Optional. Options for expanding a group node. These options should only be supplied if the node is a GroupNode.

Request body

The request body must be empty.

Response body

Response message to explore a node.

If successful, the response body contains data with the following structure:

JSON representation
{ "graph": { object (`Graph`) }, "next_page_token": string, "root_node": { object (`Node`) } }

Fields

Fields
`graph`	`object (Graph)` A graph composed of nodes and the edges between these nodes and the node in the request.
`next_page_token`	`string` A token, which can be sent as `page_token` to retrieve the graph composed of the next page of nodes. If this field is omitted, there are no subsequent pages. Pagination applies to the nodes in the response and the edges that touch those nodes.
`root_node`	`object (Node)` The root node of the graph. Returned when explore an individual node.

graph

object (Graph)

A graph composed of nodes and the edges between these nodes and the node in the request.

next_page_token

string

A token, which can be sent as page_token to retrieve the graph composed of the next page of nodes. If this field is omitted, there are no subsequent pages. Pagination applies to the nodes in the response and the edges that touch those nodes.

root_node

object (Node)

The root node of the graph. Returned when explore an individual node.

Authorization scopes

Requires the following OAuth scope:

https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.

IAM Permissions

Requires the following IAM permission on the name resource:

chronicle.findingsGraphs.exploreNode

For more information, see the IAM documentation.

ExpansionOptions

Request options when expand a group node.

JSON representation
{ "page_size": integer, "page_token": string, "detection_view": enum (`DetectionView`) }

Fields

Fields
`page_size`	`integer` Optional. The limit of the total individual nodes will be returned in the expansion. If unspecified, at most 100 nodes will be returned. The maximum value is 1000; values above 1000 will be coerced to 1000. Pagination applies to the nodes in the response and the edges that touch those nodes.
`page_token`	`string` Optional. A page token, received from a previous call. Pagination applies to the nodes in the response and the edges that touch those nodes. Provide this to retrieve the subsequent nodes. When paginating, all other parameters provided in the ExpansionOptions must match the options in the call that provided the page token.
`detection_view`	`enum (DetectionView)` Optional. The view field indicates the scope of reference fields to populate for the detection being returned. If unspecified, defaults to EVENT_ONLY.

page_size

integer

Optional. The limit of the total individual nodes will be returned in the expansion. If unspecified, at most 100 nodes will be returned. The maximum value is 1000; values above 1000 will be coerced to 1000. Pagination applies to the nodes in the response and the edges that touch those nodes.

page_token

string

Optional. A page token, received from a previous call. Pagination applies to the nodes in the response and the edges that touch those nodes. Provide this to retrieve the subsequent nodes.

When paginating, all other parameters provided in the ExpansionOptions must match the options in the call that provided the page token.

detection_view

enum (DetectionView)

Optional. The view field indicates the scope of reference fields to populate for the detection being returned. If unspecified, defaults to EVENT_ONLY.