Node

JSON representation
IndividualNode
- JSON representation
IndicatorSummary
- JSON representation
IndicatorAliases
- JSON representation
GroupNode
- JSON representation
GroupNodeDetail
- JSON representation
DetectionGroup
- JSON representation
AlertState
EntityGroupMetadata
- JSON representation

A generic node in a graph.

JSON representation

JSON representation
{ "id": string, "displayName": string, // Union field `node_detail` can be only one of the following: "individualNode": { object (`IndividualNode`) }, "groupNode": { object (`GroupNode`) } // End of list of possible types for union field `node_detail`. }

{
  "id": string,
  "displayName": string,

  // Union field node_detail can be only one of the following:
  "individualNode": {
    object (IndividualNode)
  },
  "groupNode": {
    object (GroupNode)
  }
  // End of list of possible types for union field node_detail.
}

Fields
`id`	`string` Required. The unique string id of the node.
`displayName`	`string` Output only. The display name of the node.
Union field `node_detail`. Detailed information about a node. A node can be either an individual node or a group node. `node_detail` can be only one of the following:
`individualNode`	`object (IndividualNode)` A individual node which contains a resource.
`groupNode`	`object (GroupNode)` A group node in a graph which represents a collection of individual nodes.

IndividualNode

A individual node which contains a resource.

JSON representation

JSON representation
{ "adjacentIndividualNodesCount": integer, // Union field `node_detail` can be only one of the following: "detection": { object (`Collection`) }, "indicatorSummary": { object (`IndicatorSummary`) } // End of list of possible types for union field `node_detail`. }

{
  "adjacentIndividualNodesCount": integer,

  // Union field node_detail can be only one of the following:
  "detection": {
    object (Collection)
  },
  "indicatorSummary": {
    object (IndicatorSummary)
  }
  // End of list of possible types for union field node_detail.
}

Fields
`adjacentIndividualNodesCount`	`integer` Output only. The number of individual nodes adjacent to the current node.
Union field `node_detail`. Detailed information of the node. `node_detail` can be only one of the following:
`detection`	`object (Collection)` Output only. Detail about a detection node.
`indicatorSummary`	`object (IndicatorSummary)` Output only. Indicator summary information about an entity node.

IndicatorSummary

A summary of aliased indicators of an entity.

JSON representation
{ "entity": string, "timeRange": { object (`Interval`) }, "displayIndicator": { object (`EntityIndicator`) }, "aliases": [ { object (`IndicatorAliases`) } ], "entityRiskScore": integer }

Fields
`entity`	`string` The resource name of an entity. Format: projects/{project}/locations/{location}/instances/{instance}/entities/{entity}
`timeRange`	`object (Interval)` The time range that the aliases are valid for. This is the same as the Entity interval, and is duplicated here for convenience.
`displayIndicator`	`object (EntityIndicator)` The EntityIndicator used to represent the IndicatorSummary.
`aliases[]`	`object (IndicatorAliases)` A list of IndicatorAliases across different time ranges.
`entityRiskScore`	`integer` The risk score of the entity at the end of the time range.

IndicatorAliases

A list of aliased indicators within a time range.

JSON representation
{ "timeRange": { object (`Interval`) }, "aliases": [ { object (`EntityIndicator`) } ] }

Fields

Fields
`timeRange`	`object (Interval)` The time range of the aliases is valid for.
`aliases[]`	`object (EntityIndicator)` A list of aliased indicators within the time range.

timeRange

object (Interval)

The time range of the aliases is valid for.

aliases[]

object (EntityIndicator)

A list of aliased indicators within the time range.

GroupNode

A group node in a graph, which can be a indicator-related detection group or a rule-related detection group.

JSON representation
{ "groupNodeDetail": { object (`GroupNodeDetail`) }, "individualNodeCount": integer }

Fields

Fields
`groupNodeDetail`	`object (GroupNodeDetail)` Output only. The detail information of a group node.
`individualNodeCount`	`integer` Output only. The individual nodes count in the group.

groupNodeDetail

object (GroupNodeDetail)

Output only. The detail information of a group node.

individualNodeCount

integer

Output only. The individual nodes count in the group.

GroupNodeDetail

Detail information of a group node.

JSON representation

JSON representation
{ "parentNodeId": string, // Union field `group` can be only one of the following: "indicatorRelatedDetectionGroup": { object (`DetectionGroup`) }, "ruleRelatedDetectionGroup": { object (`DetectionGroup`) }, "entityGroupMetadata": { object (`EntityGroupMetadata`) } // End of list of possible types for union field `group`. }

{
  "parentNodeId": string,

  // Union field group can be only one of the following:
  "indicatorRelatedDetectionGroup": {
    object (DetectionGroup)
  },
  "ruleRelatedDetectionGroup": {
    object (DetectionGroup)
  },
  "entityGroupMetadata": {
    object (EntityGroupMetadata)
  }
  // End of list of possible types for union field group.
}

Fields
`parentNodeId`	`string` The source of the parent node of the current group node. The parent node can only be an individual node.
Union field `group`. The detailed information about a group node. `group` can be only one of the following:
`indicatorRelatedDetectionGroup`	`object (DetectionGroup)` An indicator-related detection group.
`ruleRelatedDetectionGroup`	`object (DetectionGroup)` A rule-related detection group.
`entityGroupMetadata`	`object (EntityGroupMetadata)` An entity group.

DetectionGroup

A detection group, which contains fields about how the detections got grouped. NEXT_TAG: 4

JSON representation
{ "alertState": enum (`AlertState`), "rule": string, "ruleDisplayName": string }

Fields

Fields
`alertState`	`enum (AlertState)` Output only. The state of a detection representing if the detection is an alert or not.
`rule`	`string` Optional. The Rule a detection generated from. Format: projects/{project}/locations/{location}/instances/{instance}/rules/{rule}
`ruleDisplayName`	`string` Output only. The rule display name.

alertState

enum (AlertState)

Output only. The state of a detection representing if the detection is an alert or not.

rule

string

Optional. The Rule a detection generated from. Format: projects/{project}/locations/{location}/instances/{instance}/rules/{rule}

ruleDisplayName

string

Output only. The rule display name.

AlertState

The alert state of a detection.

Enums
`ALERT_STATE_UNSPECIFIED`	The default/unset value. The API will default to the ALERT_STATE_ALERTING.
`ALERT_STATE_NOT_ALERTING`	A not alerting state.
`ALERT_STATE_ALERTING`	An alerting state.

EntityGroupMetadata

An entity group metadata, which contains fields about how the entities got grouped.

JSON representation
{ "entityType": enum (`EntityType`) }

Fields

entityType

enum (EntityType)

Output only. The type of entities in the group.

Node Stay organized with collections Save and categorize content based on your preferences.

IndividualNode

IndicatorSummary

IndicatorAliases

GroupNode

GroupNodeDetail

DetectionGroup

AlertState

EntityGroupMetadata

Node