- HTTP request
- Path parameters
- Query parameters
- Request body
- Response body
- Authorization scopes
- Try it!
Full name: projects.locations.instances.iocs.iocMatches.list
Lists Ioc matches across all iocs.
HTTP request
GET https://chronicle.googleapis.com/v1alpha/{parent}/iocMatches
Path parameters
Parameters | |
---|---|
parent |
Required. The collection of all parents which own all ioc matches. The "-" wildcard token must be used as the rule identifier in the resource path. Format: projects/{project}/locations/{location}/instances/{instance}/iocs/- |
Query parameters
Parameters | |
---|---|
timestampRange |
Required. Time range [start, end) in which matched to be queried. UI/FE is expected to pass in NOW as end. |
addMandiantAttributes |
Optional. Indicates if mandiant attributes should be added to the ioc response. |
pageSize |
Optional. The maximum number of detections to return. |
pageToken |
Optional. A page token, received from a previous |
filter |
Optional. A filter that can be used to retrieve specific ioc matches. The following fields are filterable: archived, name |
Request body
The request body must be empty.
Response body
Response containing matched IoCs
If successful, the response body contains data with the following structure:
JSON representation |
---|
{
"ioc_matches": [
{
object ( |
Fields | |
---|---|
ioc_matches[] |
IoC Matches returned for the query. |
next_page_token |
A token that can be sent as |
Authorization scopes
Requires the following OAuth scope:
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.