Chronicle API

The Chronicle API serves all customer endpoints.

Service: chronicle.googleapis.com

Service endpoint

A service endpoint is a base URL that specifies the network address of an API service. One service might have multiple service endpoints. This service has the following service endpoint and all URIs below are relative to this service endpoint:

  • https://chronicle.googleapis.com

REST Resource: v1alpha.projects.locations.instances

Methods
batchValidateWatchlistEntities POST /v1alpha/{parent}:batchValidateWatchlistEntities
Validates a batch of entities that could be added into watchlist under an instance.
computeAllFindingsRefinementActivities POST /v1alpha/{instance}:computeAllFindingsRefinementActivities
Returns findings refinement activity for all findings refinements.
countAllCuratedRuleSetDetections POST /v1alpha/{instance}:countAllCuratedRuleSetDetections
Count detections across all curated rule sets.
createFeedback POST /v1alpha/{instance}:createFeedback
RPC to submit user feedback on content generated by Malachite Atlas services.
extractSyslog POST /v1alpha/{instance}:extractSyslog
ExtractSyslog extracts structured part of log from a unstructured log by running a grok regex over it.
findEntity GET /v1alpha/{instance}:findEntity
Identifies the entity type and retrieves relevant data associated with a specified indicator.
findEntityAlerts GET /v1alpha/{instance}:findEntityAlerts
Get alerts for an entity
findRelatedEntities GET /v1alpha/{instance}:findRelatedEntities
Finds all the entities associated with provided entity.
findUdmFieldValues GET /v1alpha/{instance}:findUdmFieldValues
Finds ingested UDM field values that match a query.
generateUdmKeyValueMappings POST /v1alpha/{instance}:generateUdmKeyValueMappings
GenerateUDMKeyValueMappings generates key value mapping of a raw log.
get GET /v1alpha/{name}
Gets a Instance.
getMultitenantDirectory GET /v1alpha/{name}
Gets the super and subtenants and gets the current tenant name.
getRiskConfig GET /v1alpha/{name}
Queries the instance to get the Risk Configurations used for the computation of Entity Risk Score.
listAllFindingsRefinementDeployments GET /v1alpha/{instance}:listAllFindingsRefinementDeployments
Lists all findings refinement deployments.
queryProductSourceStats GET /v1alpha/{instance}:queryProductSourceStats
Gets available product sources along with their stats.
report GET /v1alpha/{name}:report
Generate a report summarizing this chronicle instance.
searchEntities GET /v1alpha/{instance}:searchEntities
Identifies the entity type and retrieves relevant data associated with a specified indicator.
searchRawLogs POST /v1alpha/{instance}:searchRawLogs
Api to get events, entities, or unparsed raw logs matching the given raw log query.
summarizeEntitiesFromQuery GET /v1alpha/{instance}:summarizeEntitiesFromQuery
Parses the query and identifies the entities contained within the search query.
summarizeEntity GET /v1alpha/{instance}:summarizeEntity
Returns all entity data over specified time.
testFindingsRefinement POST /v1alpha/{instance}:testFindingsRefinement
Tests for and returns past activity for a findings refinement, including, potentially, times when the findings refinement was not yet created.
translateUdmQuery POST /v1alpha/{instance}:translateUdmQuery
Translate natural language to a UDM Search query.
translateYlRule POST /v1alpha/{instance}:translateYlRule
Translate natural language to a Yara-L rule.
udmSearch GET /v1alpha/{instance}:udmSearch
Performs a UDM search that returns matching events for the query.
updateRiskConfig PATCH /v1alpha/{riskConfig.name}
Updates RiskConfig used for the computation of Entity Risk Score.
validateQuery GET /v1alpha/{instance}:validateQuery
Validates UDM search query by compiling the query.
verifyReferenceList POST /v1alpha/{instance}:verifyReferenceList
VerifyReferenceList validates list content and returns line errors, if any.
verifyRuleText POST /v1alpha/{instance}:verifyRuleText
Verifies the given rule text.

REST Resource: v1alpha.projects.locations.instances.analytics

Methods
list GET /v1alpha/{parent}/analytics
Lists all supported analytics for APIs which can filter by analytic type, such as ListAnalyticValues.

REST Resource: v1alpha.projects.locations.instances.analytics.entities.analyticValues

Methods
list GET /v1alpha/{parent}/analyticValues
Lists analytic values.

REST Resource: v1alpha.projects.locations.instances.cases

Methods
countPriorities GET /v1alpha/{parent}/cases:countPriorities
Count a selection of cases by priority.

REST Resource: v1alpha.projects.locations.instances.curatedRuleSetCategories

Methods
get GET /v1alpha/{name}
Gets a CuratedRuleSetCategory.
list GET /v1alpha/{parent}/curatedRuleSetCategories
Lists CuratedRuleSetCategories.

REST Resource: v1alpha.projects.locations.instances.curatedRuleSetCategories.curatedRuleSets

Methods
countCuratedRuleSetDetections POST /v1alpha/{name}:countCuratedRuleSetDetections
Counts the detections generated by a CuratedRuleSet.
get GET /v1alpha/{name}
Gets a CuratedRuleSet.
list GET /v1alpha/{parent}/curatedRuleSets
Lists CuratedRuleSets.

REST Resource: v1alpha.projects.locations.instances.curatedRuleSetCategories.curatedRuleSets.curatedRuleSetDeployments

Methods
batchUpdate POST /v1alpha/{parent}/curatedRuleSetDeployments:batchUpdate
Update multiple deployments of curated rule sets.
get GET /v1alpha/{name}
Get a deployment of a curated rule set.
list GET /v1alpha/{parent}/curatedRuleSetDeployments
Lists deployments for a curated rule set.
patch PATCH /v1alpha/{curatedRuleSetDeployment.name}
Update a deployment of a curated rule set.

REST Resource: v1alpha.projects.locations.instances.curatedRules

Methods
get GET /v1alpha/{name}
Gets a CuratedRule.
list GET /v1alpha/{parent}/curatedRules
Lists CuratedRules.

REST Resource: v1alpha.projects.locations.instances.dashboardCharts

Methods
batchGet GET /v1alpha/{parent}/dashboardCharts:batchGet
Get dashboard charts in batches.
get GET /v1alpha/{name}
Get a dashboard chart.
list GET /v1alpha/{parent}/dashboardCharts
List all dashboard charts.

REST Resource: v1alpha.projects.locations.instances.dashboardQueries

Methods
execute POST /v1alpha/{parent}/dashboardQueries:execute
Execute a query and return the data.
get GET /v1alpha/{name}
Get a dashboard query.
list GET /v1alpha/{parent}/dashboardQueries
List all dashboard queries.

REST Resource: v1alpha.projects.locations.instances.dashboards

Methods
copy POST /v1alpha/{name}:copy
Copy a dashboard of one type to a dashbooard of another type.
create POST /v1alpha/{parent}/dashboards
Create a dashboard.
delete DELETE /v1alpha/{name}
Delete a dashboard.
get GET /v1alpha/{name}
Get a dashboard.
list GET /v1alpha/{parent}/dashboards
List all dashboards.

REST Resource: v1alpha.projects.locations.instances.dataAccessLabels

Methods
create POST /v1alpha/{parent}/dataAccessLabels
Creates a data access label.
delete DELETE /v1alpha/{name}
Deletes a data access label.
get GET /v1alpha/{name}
Gets a data access label.
list GET /v1alpha/{parent}/dataAccessLabels
Lists all data access labels for the customer.
patch PATCH /v1alpha/{dataAccessLabel.name}
Updates a data access label.

REST Resource: v1alpha.projects.locations.instances.dataAccessScopes

Methods
create POST /v1alpha/{parent}/dataAccessScopes
Creates a data access scope.
delete DELETE /v1alpha/{name}
Deletes a data access scope.
get GET /v1alpha/{name}
Retrieves an existing data access scope.
list GET /v1alpha/{parent}/dataAccessScopes
Lists all existing data access scopes for the customer.
patch PATCH /v1alpha/{dataAccessScope.name}
Updates a data access scope.

REST Resource: v1alpha.projects.locations.instances.entities

Methods
get GET /v1alpha/{name}
Gets an entity by name.
import POST /v1alpha/{parent}/entities:import
ImportEntities import the entities.
modifyEntityRiskScore POST /v1alpha/{name}:modifyEntityRiskScore
Modify base entity risk score for an entity.
queryEntityRiskScoreModifications GET /v1alpha/{name}:queryEntityRiskScoreModifications
Query modifications to base entity risk score for an entity.

REST Resource: v1alpha.projects.locations.instances.entityRiskScores

Methods
query GET /v1alpha/{instance}/entityRiskScores:query
Queries the instance for EntityRiskScores.

REST Resource: v1alpha.projects.locations.instances.errorNotificationConfigs

Methods
create POST /v1alpha/{parent}/errorNotificationConfigs
Creates a new error notification config for the customer
delete DELETE /v1alpha/{name}
Deletes an error notification config.
get GET /v1alpha/{name}
Gets a single error notification config.
list GET /v1alpha/{parent}/errorNotificationConfigs
Lists error notification configurations for the customer.
patch PATCH /v1alpha/{errorNotificationConfig.name}
Updates an error notification config.

REST Resource: v1alpha.projects.locations.instances.events

Methods
batchGet GET /v1alpha/{parent}/events:batchGet
Gets a batch (list) of events given a list of names and a parent.
get GET /v1alpha/{name}
Gets an event given a name.
import POST /v1alpha/{parent}/events:import
ImportEvents import the events.

REST Resource: v1alpha.projects.locations.instances.feedServiceAccounts

Methods
fetchServiceAccountForCustomer GET /v1alpha/{parent}/feedServiceAccounts:fetchServiceAccountForCustomer
Fetch Chronicle's service account used for ingesting data from Cloud Storage buckets.

REST Resource: v1alpha.projects.locations.instances.feedSourceTypeSchemas

Methods
list GET /v1alpha/{parent}/feedSourceTypeSchemas
List all FeedSourceTypeSchemas.

REST Resource: v1alpha.projects.locations.instances.feedSourceTypeSchemas.logTypeSchemas

Methods
list GET /v1alpha/{parent}/logTypeSchemas
List all LogTypeSchemas compatible with a given FeedSourceType.

REST Resource: v1alpha.projects.locations.instances.feeds

Methods
create POST /v1alpha/{parent}/feeds
Creates a feed.
delete DELETE /v1alpha/{name}
Deletes a feed.
disable POST /v1alpha/{name}:disable
Disable feed for ingestion.
enable POST /v1alpha/{name}:enable
Enable feed for ingestion.
get GET /v1alpha/{name}
Gets a feed.
importPushLogs POST /v1alpha/{parent}:importPushLogs
Import logs coming from https push feeds.
list GET /v1alpha/{parent}/feeds
Lists all feeds for the customer.
patch PATCH /v1alpha/{feed.name}
Updates the full feed.

REST Resource: v1alpha.projects.locations.instances.findingsGraph

Methods
exploreNode GET /v1alpha/{name}:exploreNode
Explores a node to find related nodes if it is an IndividualNode or retrieve the individual nodes within the group if it is a GroupNode and return a graph composed by the nodes and their edges over a time range.
initializeGraph GET /v1alpha/{name}:initializeGraph
Initialize a graph from a resource such as a detection or an entity.

REST Resource: v1alpha.projects.locations.instances.findingsRefinements

Methods
computeFindingsRefinementActivity POST /v1alpha/{name}:computeFindingsRefinementActivity
Returns findings refinement activity for a specific findings refinement.
create POST /v1alpha/{parent}/findingsRefinements
Creates a new findings refinement.
get GET /v1alpha/{name}
Gets a single findings refinement.
getDeployment GET /v1alpha/{name}
Gets a findings refinement deployment.
list GET /v1alpha/{parent}/findingsRefinements
Lists a collection of findings refinements.
patch PATCH /v1alpha/{findingsRefinement.name}
Updates a findings refinement.
updateDeployment PATCH /v1alpha/{findingsRefinementDeployment.name}
Updates a findings refinement deployment.

REST Resource: v1alpha.projects.locations.instances.forwarders

Methods
create POST /v1alpha/{parent}/forwarders
Create a forwarder.
delete DELETE /v1alpha/{name}
Delete a forwarder by forwarder ID.
generateForwarderFiles GET /v1alpha/{name}:generateForwarderFiles
Generates a forwarder's configuration files.
get GET /v1alpha/{name}
Get a forwarder by forwarder ID.
list GET /v1alpha/{parent}/forwarders
List all forwarders for the instance.
patch PATCH /v1alpha/{forwarder.name}
Update a forwarder.

REST Resource: v1alpha.projects.locations.instances.forwarders.collectors

Methods
create POST /v1alpha/{parent}/collectors
Create a collector.
delete DELETE /v1alpha/{name}
Delete a collector by collector ID.
get GET /v1alpha/{name}
Get a collector by collector ID.
list GET /v1alpha/{parent}/collectors
List all collectors for the forwarder.
patch PATCH /v1alpha/{collector.name}
Update a collector.

REST Resource: v1alpha.projects.locations.instances.iocs

Methods
batchGet GET /v1alpha/{parent}/iocs:batchGet
Gets a batch (list) of iocs given a list of names and a parent.
findFirstAndLastSeen GET /v1alpha/{name}:findFirstAndLastSeen
FindFirstAndLastSeen for an Ioc.
get GET /v1alpha/{name}
Get an Ioc.
getIocState GET /v1alpha/{name}
Gets the status of an ioc
searchCuratedDetectionsForIoc GET /v1alpha/{name}:searchCuratedDetectionsForIoc
Search curated detections for an Ioc.
updateIocState PATCH /v1alpha/{iocState.name}
Update an Ioc state.

REST Resource: v1alpha.projects.locations.instances.iocs.iocMatches

Methods
get GET /v1alpha/{name}
Get an Ioc match.
list GET /v1alpha/{parent}/iocMatches
Lists Ioc matches across all iocs.

REST Resource: v1alpha.projects.locations.instances.legacy

Methods
legacyBatchGetCases GET /v1alpha/{instance}/legacy:legacyBatchGetCases
RPC for fetching cases for the given caseNames.
legacyCalculateAlertStats GET /v1alpha/{instance}/legacy:legacyCalculateAlertStats
Legacy endpoint for fetching alert stats (counts based on fields) for a given time range.
legacyFetchAlertsView GET /v1alpha/{instance}/legacy:legacyFetchAlertsView
Legacy endpoint for getting the histgramming of alerts.
legacyFetchUdmSearchCsv POST /v1alpha/{instance}/legacy:legacyFetchUdmSearchCsv
Legacy endpoint for fetching csv rows for matching UDM search.
legacyFetchUdmSearchView POST /v1alpha/{instance}/legacy:legacyFetchUdmSearchView
Legacy endpoint for fetching events, filters, and histograms matching UDM search.
legacyFindAssetEvents GET /v1alpha/{instance}/legacy:legacyFindAssetEvents
Legacy endpoint for getting events for an asset indicator.
legacyFindRawLogs GET /v1alpha/{instance}/legacy:legacyFindRawLogs
Legacy endpoint for getting events for a raw log search query.
legacyFindUdmEvents GET /v1alpha/{instance}/legacy:legacyFindUdmEvents
Legacy endpoint for finding UDM/entity events using tokens or ids.
legacyGetAlert GET /v1alpha/{instance}/legacy:legacyGetAlert
RPC for fetching an alert based on its Alert Id.
legacyGetCuratedRulesTrends GET /v1alpha/{instance}/legacy:legacyGetCuratedRulesTrends
Legacy RPC for listing detection counts and last detection timestamp for a list of Curated Rule ids.
legacyGetDetection GET /v1alpha/{instance}/legacy:legacyGetDetection
Legacy endpoint for fetching a Detection.
legacyGetEventForDetection GET /v1alpha/{instance}/legacy:legacyGetEventForDetection
Legacy endpoint for getting event for curated detection.
legacyGetFinding GET /v1alpha/{instance}/legacy:legacyGetFinding
Legacy endpoint for getting a Finding and its associated feedback.
legacyGetRuleCounts GET /v1alpha/{instance}/legacy:legacyGetRuleCounts
RPC to get rule counts.
legacyGetRulesTrends GET /v1alpha/{instance}/legacy:legacyGetRulesTrends
Legacy RPC for listing detection counts and last detection timestamp for a list of user-defined rule ids.
legacyRunTestRule POST /v1alpha/{instance}/legacy:legacyRunTestRule
Legacy RPC to test a rule and stream back the responses.
legacySearchAlerts GET /v1alpha/{instance}/legacy:legacySearchAlerts
Legacy endpoint for retrieving a list of all alerts(with Events and Raw Logs as clients require in requests) within the customer's environment.
legacySearchArtifactEvents GET /v1alpha/{instance}/legacy:legacySearchArtifactEvents
Legacy endpoint for getting events for a given artifact.
legacySearchArtifactIoCDetails GET /v1alpha/{instance}/legacy:legacySearchArtifactIoCDetails
Rpc to search for IoC details for a particular artifact.
legacySearchAssetEvents GET /v1alpha/{instance}/legacy:legacySearchAssetEvents
Legacy endpoint for getting events for a given asset.
legacySearchCuratedDetections GET /v1alpha/{instance}/legacy:legacySearchCuratedDetections
Legacy endpoint for searcing detections for a Curated Rule.
legacySearchDetections GET /v1alpha/{instance}/legacy:legacySearchDetections
Legacy endpoint for searching detections for a rule version.
legacySearchDomainsRecentlyRegistered GET /v1alpha/{instance}/legacy:legacySearchDomainsRecentlyRegistered
Given a list of domain names and a time, returns only the domains that were recently registered relative to that time.
legacySearchDomainsTimingStats GET /v1alpha/{instance}/legacy:legacySearchDomainsTimingStats
Given a list of domain names, returns time-related statistics for those domains (ex: the first seen in the enterprise time).
legacySearchEnterpriseWideAlerts GET /v1alpha/{instance}/legacy:legacySearchEnterpriseWideAlerts
RPC for getting all alerts in a time range in legacy page site.
legacySearchEnterpriseWideIoCs GET /v1alpha/{instance}/legacy:legacySearchEnterpriseWideIoCs
RPC for listing IoC matches against ingested events.
legacySearchFindings GET /v1alpha/{instance}/legacy:legacySearchFindings
Legacy endpoint for listing Findings.
legacySearchIoCInsights GET /v1alpha/{instance}/legacy:legacySearchIoCInsights
Rpc to list IoC insights on given artifacts.
legacySearchRawLogs GET /v1alpha/{instance}/legacy:legacySearchRawLogs
Legacy endpoint for getting events for a raw log search.
legacySearchRuleDetectionCountBuckets GET /v1alpha/{instance}/legacy:legacySearchRuleDetectionCountBuckets
Legacy endpoint for listing detection count buckets for a Rules Engine rule.
legacySearchRuleDetectionEvents GET /v1alpha/{instance}/legacy:legacySearchRuleDetectionEvents
Legacy RPC for listing events associated with a particular Detection generated by a Rules Engine rule.
legacySearchRuleResults GET /v1alpha/{instance}/legacy:legacySearchRuleResults
Legacy endpoint for listing aggregated results for a Rules Engine rule.
legacySearchRulesAlerts GET /v1alpha/{instance}/legacy:legacySearchRulesAlerts
RPC to get the list of Rules Enginer generated alerts for a customer.
legacySearchUserEvents GET /v1alpha/{instance}/legacy:legacySearchUserEvents
Legacy endpoint for getting events for a given user.
legacyStreamDetectionAlerts POST /v1alpha/{instance}/legacy:legacyStreamDetectionAlerts
Legacy StreamDetectionAlerts continuously streams new detection alerts as they are discovered.
legacyTestRuleStreaming POST /v1alpha/{instance}/legacy:legacyTestRuleStreaming
LegacyTestRuleStreaming tests the given rule text over a specified time range and streams detections/errors back without persisting them.
legacyUpdateAlert POST /v1alpha/{instance}/legacy:legacyUpdateAlert
Legacy endpoint for updating an alert.
legacyUpdateFinding POST /v1alpha/{instance}/legacy:legacyUpdateFinding
Legacy endpoint for updating a Finding with new feedback.

REST Resource: v1alpha.projects.locations.instances.logTypes

Methods
create POST /v1alpha/{parent}/logTypes
Create LogType.
generateEventTypesSuggestions POST /v1alpha/{logtype}:generateEventTypesSuggestions
GenerateEventTypesSuggestions generates event types suggestions that can be mapped by a lowcode parser.
get GET /v1alpha/{name}
Gets a LogType.
legacySubmitParserExtension POST /v1alpha/{parent}:legacySubmitParserExtension
LegacySubmitParserExtension creates validates and then makes the extension live.
list GET /v1alpha/{parent}/logTypes
Lists all LogTypes.
patch PATCH /v1alpha/{logType.name}
Update LogType.
runParser POST /v1alpha/{logtype}:runParser
RunParser runs the parser against a log and returns normalized events or any error that occurred during the normalization.

REST Resource: v1alpha.projects.locations.instances.logTypes.logs

Methods
export POST /v1alpha/{parent}/logs:export
Export log telemetry.
get GET /v1alpha/{name}
Gets a Log.
import POST /v1alpha/{parent}/logs:import
Import log telemetry.
list GET /v1alpha/{parent}/logs
Lists all Logs.

REST Resource: v1alpha.projects.locations.instances.logTypes.parserExtensions

Methods
activate POST /v1alpha/{name}:activate
ActivateParserExtension switches the customer to use requested parser extension, This will set the extension state to ACTIVE.
create POST /v1alpha/{parent}/parserExtensions
Create a parser extension.
delete DELETE /v1alpha/{name}
Delete a parser extension.
get GET /v1alpha/{name}
Get a parser extension.
list GET /v1alpha/{parent}/parserExtensions
List all parser extensions.

REST Resource: v1alpha.projects.locations.instances.logTypes.parserExtensions.extensionValidationReports

Methods
get GET /v1alpha/{name}
Get a parser vaildation report.
list GET /v1alpha/{parent}/extensionValidationReports
List all parser validation reports for a parser extension.

REST Resource: v1alpha.projects.locations.instances.logTypes.parserExtensions.extensionValidationReports.validationErrors

Methods
list GET /v1alpha/{parent}/validationErrors
List validation errors of a parser extension validation report.

REST Resource: v1alpha.projects.locations.instances.logTypes.parserExtensions.validationReports

Methods
get GET /v1alpha/{name}
Get a validation report.

REST Resource: v1alpha.projects.locations.instances.logTypes.parserExtensions.validationReports.parsingErrors

Methods
list GET /v1alpha/{parent}/parsingErrors
List parsing errors of a validation report.

REST Resource: v1alpha.projects.locations.instances.logTypes.parsers

Methods
activate POST /v1alpha/{name}:activate
ActivateParser switches the customer to use requested parser, This will set the Parser state to ACTIVE.
activateReleaseCandidateParser POST /v1alpha/{name}:activateReleaseCandidateParser
ActivateReleaseCandidateParser makes the release candidate parser live for that customer.
copy POST /v1alpha/{name}:copy
CopyPrebuiltParser makes a copy of a prebuilt parser.
create POST /v1alpha/{parent}/parsers
Create a parser.
deactivate POST /v1alpha/{name}:deactivate
DeactivateParser deactivates the requested parser, and activates the prebuilt release parser.
delete DELETE /v1alpha/{name}
Delete a parser.
get GET /v1alpha/{name}
Get a parser.
list GET /v1alpha/{parent}/parsers
List all parsers.

REST Resource: v1alpha.projects.locations.instances.logTypes.parsers.validationReports

Methods
get GET /v1alpha/{name}
Get a validation report.

REST Resource: v1alpha.projects.locations.instances.logTypes.parsers.validationReports.parsingErrors

Methods
list GET /v1alpha/{parent}/parsingErrors
List parsing errors of a validation report.

REST Resource: v1alpha.projects.locations.instances.logs

Methods
classify POST /v1alpha/{parent=projects/*/locations/*/instances/*}/logs:classify
Classify the logs to the corresponding logType.

REST Resource: v1alpha.projects.locations.instances.nativeDashboards

Methods
addChart POST /v1alpha/{name}:addChart
Add chart in a dashboard.
create POST /v1alpha/{parent}/nativeDashboards
Create a dashboard.
delete DELETE /v1alpha/{name}
Delete a dashboard.
duplicate POST /v1alpha/{name}:duplicate
Duplicate a dashboard.
duplicateChart POST /v1alpha/{name}:duplicateChart
Duplicate chart in a dashboard.
editChart POST /v1alpha/{name}:editChart
Edit chart in a dashboard.
get GET /v1alpha/{name}
Get a dashboard.
list GET /v1alpha/{parent}/nativeDashboards
List all dashboards.
patch PATCH /v1alpha/{nativeDashboard.name}
Update a dashboard.
removeChart POST /v1alpha/{name}:removeChart
Remove chart from a dashboard.

REST Resource: v1alpha.projects.locations.instances.operations

Methods
cancel POST /v1alpha/{name}:cancel
Starts asynchronous cancellation on a long-running operation.
delete DELETE /v1alpha/{name}
Deletes a long-running operation.
get GET /v1alpha/{name}
Gets the latest state of a long-running operation.
list GET /v1alpha/{name}
Lists operations that match the specified filter in the request.

REST Resource: v1alpha.projects.locations.instances.referenceLists

Methods
create POST /v1alpha/{parent}/referenceLists
Creates a new reference list.
get GET /v1alpha/{name}
Gets a single reference list.
list GET /v1alpha/{parent}/referenceLists
Lists a collection of reference lists.
patch PATCH /v1alpha/{referenceList.name}
Updates an existing reference list.

REST Resource: v1alpha.projects.locations.instances.ruleExecutionErrors

Methods
list GET /v1alpha/{parent}/ruleExecutionErrors
Lists rule execution errors.

REST Resource: v1alpha.projects.locations.instances.rules

Methods
create POST /v1alpha/{parent}/rules
Creates a new Rule.
delete DELETE /v1alpha/{name}
Deletes a Rule.
get GET /v1alpha/{name}
Gets a Rule.
getDeployment GET /v1alpha/{name}
Gets a RuleDeployment.
list GET /v1alpha/{parent}/rules
Lists Rules.
listRevisions GET /v1alpha/{name}:listRevisions
Lists all revisions of the rule.
patch PATCH /v1alpha/{rule.name}
Updates a Rule.
updateDeployment PATCH /v1alpha/{ruleDeployment.name}
Updates a RuleDeployment.

REST Resource: v1alpha.projects.locations.instances.rules.deployments

Methods
list GET /v1alpha/{parent}/deployments
Lists RuleDeployments across all Rules.

REST Resource: v1alpha.projects.locations.instances.rules.retrohunts

Methods
create POST /v1alpha/{parent}/retrohunts
Create a Retrohunt.
get GET /v1alpha/{name}
Get a Retrohunt.
list GET /v1alpha/{parent}/retrohunts
List Retrohunts.

REST Resource: v1alpha.projects.locations.instances.sdlConnectors

Methods
execute POST /v1alpha/{parent}/sdlConnectors:execute
Execute Query executes the given query in the request and returns the response.

REST Resource: v1alpha.projects.locations.instances.users

Methods
getPreferenceSet GET /v1alpha/{name}
Endpoint for getting a user's PreferenceSet
updatePreferenceSet PATCH /v1alpha/{preferenceSet.name}
Endpoint for updating user data saved query

REST Resource: v1alpha.projects.locations.instances.users.conversations

Methods
create POST /v1alpha/{parent}/conversations
CreateConversation is used to create a new conversation.
delete DELETE /v1alpha/{name}
DeleteConversation is used to delete a conversation.
get GET /v1alpha/{name}
GetConversation is used to retrieve an existing conversation.
list GET /v1alpha/{parent}/conversations
ListConversations is used to retrieve existing conversations.
patch PATCH /v1alpha/{conversation.name}
UpdateConversation is used to update an existing conversation.

REST Resource: v1alpha.projects.locations.instances.users.conversations.messages

Methods
create POST /v1alpha/{parent}/messages
CreateMessage is used to create a new message in a conversation.
delete DELETE /v1alpha/{name}
DeleteMessage is used to delete a message.
get GET /v1alpha/{name}
GetMessage is used to retrieve a message.
list GET /v1alpha/{parent}/messages
ListMessages is used to retrieve existing messages for a conversation.
patch PATCH /v1alpha/{message.name}
UpdateMessage is used to update an existing message.

REST Resource: v1alpha.projects.locations.instances.users.searchQueries

Methods
create POST /v1alpha/{parent}/searchQueries
Endpoint for adding a new entry to the specified collection of user data
delete DELETE /v1alpha/{name}
Endpoint for deleting a user data saved query entry
get GET /v1alpha/{name}
Endpoint for getting a user's Saved query entry
list GET /v1alpha/{parent}/searchQueries
Endpoint for listing the user data saved queries owned by the specified user
patch PATCH /v1alpha/{searchQuery.name}
Endpoint for updating user data saved query

REST Resource: v1alpha.projects.locations.instances.watchlists

Methods
create POST /v1alpha/{parent}/watchlists
Creates a watchlist for the given instance.
delete DELETE /v1alpha/{name}
Deletes the watchlist for the given instance.
get GET /v1alpha/{name}
Gets watchlist details for the given watchlist ID.
list GET /v1alpha/{parent}/watchlists
Lists all watchlists for the given instance.
listEntities GET /v1alpha/{parent}:listEntities
Lists all entities for the given watchlist.
patch PATCH /v1alpha/{watchlist.name}
Updates the watchlist for the given instance.

REST Resource: v1alpha.projects.locations.instances.watchlists.entities

Methods
add POST /v1alpha/{parent}/entities:add
Adds an entity in watchlist.
batchAdd POST /v1alpha/{parent}/entities:batchAdd
Adds a batch of entities under watchlist.
batchRemove POST /v1alpha/{parent}/entities:batchRemove
Removes entities in batch in the given watchlist.
remove POST /v1alpha/{name}:remove
Removes the entity in the given watchlist.