Method: instances.countAllCuratedRuleSetDetections

Full name: projects.locations.instances.countAllCuratedRuleSetDetections

Count detections across all curated rule sets.

HTTP request

POST https://chronicle.googleapis.com/v1alpha/{instance}:countAllCuratedRuleSetDetections

Path parameters

Parameters
instance

string

Required. The ID of the Instance to retrieve counts for. Format: projects/{project}/locations/{location}/instances/{instance}

Request body

The request body contains data with the following structure:

JSON representation 
{
  "interval": {
    object (Interval)
  }
}
Fields
interval

object (Interval)

Required. Time interval over which to generate counts.

Response body

Response message for counts of detections generated by curated rules.

If successful, the response body contains data with the following structure:

JSON representation 
{
  "curated_rule_set_counts": [
    {
      object (CuratedRuleSetCount)
    }
  ],
  "curated_rule_counts": [
    {
      object (CuratedRuleCount)
    }
  ]
}
Fields
curated_rule_set_counts[]

object (CuratedRuleSetCount)

Counts of detections aggregated by the originating curated rule set.
curated_rule_counts[]

object (CuratedRuleCount)

Counts of detections aggregated by the originating curated rule.

Authorization scopes

Requires the following OAuth scope:

  • https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.

IAM Permissions

Requires the following IAM permission on the instance resource:

  • chronicle.curatedRuleSetCategories.countAllCuratedRuleSetDetections

For more information, see the IAM documentation.

CuratedRuleSetCount

Counts of detections originating from a single curated rule set.

JSON representation 
{
  "curated_rule_set": string,
  "count": integer
}
Fields
curated_rule_set

string

Name of the curated rule set.
count

integer

Count of the detections.