Console
    Contact Us Start free

    BigQueryExport

    This resource represents the BigQuery export configuration for a Chronicle instance which includes Google Cloud Platform resources like Cloud Storage buckets, BigQuery datasets etc and the export settings for each data source.

    JSON representation 
     { 
 "name" 
 : 
 string 
 , 
 "provisioned" 
 : 
 boolean 
 , 
 "bigQueryExportPackage" 
 : 
 enum (  BigQueryExportPackage 
 
) 
 , 
 "entityGraphSettings" 
 : 
 { 
 object (  DataSourceExportSettings 
 
) 
 } 
 , 
 "iocMatchesSettings" 
 : 
 { 
 object (  DataSourceExportSettings 
 
) 
 } 
 , 
 "ruleDetectionsSettings" 
 : 
 { 
 object (  DataSourceExportSettings 
 
) 
 } 
 , 
 "udmEventsAggregatesSettings" 
 : 
 { 
 object (  DataSourceExportSettings 
 
) 
 } 
 , 
 "udmEventsSettings" 
 : 
 { 
 object (  DataSourceExportSettings 
 
) 
 } 
 }
    Fields
    name

    string

    Identifier. The resource name of the BigQueryExport. Format: projects/{project}/locations/{location}/instances/{instance}/bigQueryExport
    provisioned

    boolean

    Output only. Whether the BigQueryExport has been provisioned for the Chronicle instance.
    bigQueryExportPackage

    enum ( BigQueryExportPackage )

    Output only. The BigQueryExportPackage entitled for the Chronicle instance.
    entityGraphSettings

    object ( DataSourceExportSettings )

    Optional. The export settings for the Entity Graph data source.
    iocMatchesSettings

    object ( DataSourceExportSettings )

    Optional. The export settings for the IOC Matches data source.
    ruleDetectionsSettings

    object ( DataSourceExportSettings )

    Optional. The export settings for the Rule Detections data source.
    udmEventsAggregatesSettings

    object ( DataSourceExportSettings )

    Optional. The export settings for the UDM Events Aggregates data source.
    udmEventsSettings

    object ( DataSourceExportSettings )

    Optional. The export settings for the UDM Events data source.

    BigQueryExportPackage

    The BigQueryExportPackage entitled for the Chronicle instance.

    Enums
    BIG_QUERY_EXPORT_PACKAGE_UNSPECIFIED The BigQueryExportPackage is unspecified.
    BIG_QUERY_EXPORT_PACKAGE_BYOBQ The BigQueryExportPackage is Bring Your Own BigQuery.
    BIG_QUERY_EXPORT_PACKAGE_ADVANCED The BigQueryExportPackage is Advanced BigQuery.

    DataSourceExportSettings

    The export settings for a data source.

    JSON representation 
     { 
 "enabled" 
 : 
 boolean 
 , 
 "retentionDays" 
 : 
 integer 
 , 
 "latestExportJobState" 
 : 
 enum (  LatestExportJobState 
 
) 
 , 
 "dataFreshnessTime" 
 : 
 string 
 , 
 "dataVolume" 
 : 
 string 
 }
    Fields
    enabled

    boolean

    Required. Whether the data source is enabled for export.
    retentionDays

    integer

    Required. The retention period for the data source in days.
    latestExportJobState

    enum ( LatestExportJobState )

    Output only. The state of the latest data source export job.
    dataFreshnessTime

    string ( Timestamp format)

    Output only. The data freshness of the given export which represents the time bucket at which the latest event was exported.

    Uses RFC 3339, where generated output will always be Z-normalized and uses 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: "2014-10-02T15:01:23Z" , "2014-10-02T15:01:23.045123456Z" or "2014-10-02T15:01:23+05:30" .
    dataVolume

    string ( int64 format)

    Output only. The stored data volume of all the exports.

    LatestExportJobState

    The state of the latest data source export job.

    Enums
    LATEST_EXPORT_JOB_STATE_UNSPECIFIED The latest export job state is unspecified.
    LATEST_EXPORT_JOB_STATE_SUCCESS The latest export job state is successful.
    LATEST_EXPORT_JOB_STATE_FAILED The latest export job state is failed.
    Create a Mobile Website
    View Site in Mobile | Classic
    Share by: