Skip to main content
Solved

Will Chronicle API (dataplane api) support curated rule exclusions?

  • June 30, 2025
  • 2 replies
  • 43 views
mwisener
Forum|alt.badge.img+3

Just curious if anyone has any word on if the dataplane api will eventually support exclusion creation for curated rules:

I see this type in the documentation, but not any endpoint that accepts or returns its:

https://cloud.google.com/chronicle/docs/reference/rest/v1alpha/DetectionExclusionApplication

Maybe this was accidentally added but the support is planned?

What i'm trying to do:

Programatically add/remove an exclusion for a rule name. (in ui, you would go to Detections > Rule & Detections > Exclusions Tab > Create Rule Exclusion > (fill in details) -> Create Exclusion

Thanks!

\\- Mike

 

 

Best answer by hzmndt

@mwisener 

Refer to this script -> https://github.com/chronicle/detection-rules/blob/main/tools/content_manager/content_manager/rule_exclusions.py

You can use the API to manage the curated rule exclusions. 

https://cloud.google.com/chronicle/docs/reference/rest#rest-resource:-v1alpha.projects.locations.instances.findingsrefinements

Ben_T

2 replies

hzmndt
Staff
Forum|alt.badge.img+9
  • hzmndt
  • Staff
  • Answer
  • July 1, 2025

@mwisener 

Refer to this script -> https://github.com/chronicle/detection-rules/blob/main/tools/content_manager/content_manager/rule_exclusions.py

You can use the API to manage the curated rule exclusions. 

https://cloud.google.com/chronicle/docs/reference/rest#rest-resource:-v1alpha.projects.locations.instances.findingsrefinements

Ben_T
mwisener
Forum|alt.badge.img+3
  • mwisenerBronze 1
  • Author
  • Bronze 1
  • July 7, 2025

Amazing, thanks much @hzmndt! I'll dig into this.

Terms & ConditionsCookie settingsAccessibility statement
Privacy Policy Terms of Service Gen AI Policy Community Guidelines Cookie Settings

© 2025 Google. All rights reserved.