Method: instances.generateUdmKeyValueMappings

Full name: projects.locations.instances.generateUdmKeyValueMappings

GenerateUDMKeyValueMappings generates key value mapping of a raw log. For a JSON raw log { "menu": { "id": "file", "popup": { "value": "New", } } } The generated key value mappings will be: "menu.id": "file" "menu.popup.value": "New"

HTTP request

POST https://chronicle.googleapis.com/v1alpha/{instance}:generateUdmKeyValueMappings

Path parameters

Parameters
instance

string

Required. The Chronicle instance associated with the request. Format: projects/{project}/locations/{location}/instances/{instance}

Request body

The request body contains data with the following structure:

JSON representation
{
  "log_format": enum (LogFormat),
  "log": string
}
Fields
log_format

enum (LogFormat)

Log format of the raw log.

log

string (bytes format)

The raw log.

A base64-encoded string.

Response body

Response message for GenerateUDMKeyValueMappingsResponse.

If successful, the response body contains data with the following structure:

JSON representation
{
  "field_mappings": {
    string: string,
    ...
  }
}
Fields
field_mappings

map (key: string, value: string)

map of extracted fields.

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

Authorization scopes

Requires the following OAuth scope:

  • https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.

IAM Permissions

Requires the following IAM permission on the instance resource:

  • chronicle.parserExtensions.generateKeyValueMappings

For more information, see the IAM documentation.