Module: Google::Cloud::Chronicle::V1::DataSource
- Defined in: proto_docs/google/cloud/chronicle/v1/dashboard_query.rb
Overview
LINT.IfChange(data_sources)
Constant Summary
- DATA_SOURCE_UNSPECIFIED = 0
- UDM = 1
- ENTITY = 2
- INGESTION_METRICS = 3
- RULE_DETECTIONS = 4
  RULE_DETECTIONS is used for detections datasource.
- RULESETS = 5
  RULESETS is used for ruleset with detections datasource.
- GLOBAL = 6
  GLOBAL is used for standard time range filter.
- IOC_MATCHES = 7
  IOC_MATCHES is used for ioc_matches datasource.
- RULES = 8
  RULES is used for rules datasource.
- SOAR_CASES = 9
  SOAR Cases - identified as case.
- SOAR_PLAYBOOKS = 10
  SOAR Playbooks - identified as playbook.
- SOAR_CASE_HISTORY = 11
  SOAR Case History - identified as case_history.
- DATA_TABLE = 12
  DATA_TABLE is used for data tables source.
- INVESTIGATION = 13
  INVESTIGATION is used as the data source for triage agent investigations. Identified as gemini_investigation.
- INVESTIGATION_FEEDBACK = 14
  INVESTIGATION_FEEDBACK is used as the data source for user feedback on triage agent investigations. Identified as gemini_investigation_feedback.