Attending RSAC 2024? Join us at the upcoming Google Security Operations workshop, where we'll do a deep dive i...
We are excited to announce the availability of Google Cloud Security Customer Success subscriptions. Optimize ...
How is Chronicle SIEM connecting with AWS CloudTrail via an EventBridge Rule? Can anyone explain this or suggest ...
Hi all, I'm in the process of ingesting an Office 365 feed into Chronicle SIEM. I would like to know if there is guid...
I am starting recently on Chronicle; I have created a new project and enabled a Chronicle API, but the next st...
Hi All, I just want to know is there any feasibility to merge similar alerts into one single alert that matches...
I am reaching out in relation to: https://www.googlecloudcommunity.com/gc/Community-Blog/New-to-Google-SecOps-U...
Hi, I would like to know if there is a way to append a reference list without getting the content of the list...
We are in the process of integrating Oracle Cloud with Google Chronicle. Please share the possible methods for...
Missed the original announcement? No worries, I've got you covered! Google Cloud dropped some seriously awesom...
Dear Community, Did anyone manage to successfully transform or parse Windows Event Logs (System, Security) that...
What is the correct log type OR ingestion label to use in the Chronicle forwarder configuration for the follow...
I've set up an AWS CloudWatch feed to ingest EKS audit logs from an S3 bucket. Initially it fetches one file wi...
Hi #community, Is there any option to throttle or prevent a rule with same criteria triggers for x period of ti...
Hello, I struggle with the outcome section for a rule I'm working on at the moment. I looked in the documentati...
Hi. Within the Kubernetes Node parser, I am trying to split the textPayload into separate fields. The textPayloa...
I am reaching out in relation to the following metrics post: https://www.googlecloudcommunity.com/gc/Community-...
Hi, would like to ask for your help on how I can parse this nested JSON in a UDM {"type": "POTENTIAL_RISKY_ACTIV...
I am writing a parser extension and want to update the security_result.description field. if [@computed][message] != ...
I am trying to integrate Azure AD SSO with Chronicle SIEM. The relevant team has provided the required keys t...
April 26, 2024 The feed management feature is now enhanced to include the following: Feed names: You can assig...
April 25, 2024 Chronicle Security Operations (Chronicle SecOps) has been rebranded to Google Security Operatio...
Are you hungry for more Google Security content? Craving a way to easily find those hidden gems of knowledge? ...
Hi everyone, Is there any chance that the webhook feed will be restored? Roberto
We are looking to provide an MSSP type of service and build an XDR service, currently looking to explore how d...
I have a situation where I need to advise some clients and users that the default `Unix System` parser will pa...
Hi All, I am very much looking forward to learning more about parsers, but we do not understand how to develop ...
Hi, I want to ingest 2 different types of logs from GCP to Chronicle SIEM. 1) executed commands on GCP projects ...
In the event a forwarder crashed, let's say 24-48 hours of downtime. How can we recover the events that were me...
Hey all, I am trying to connect our Chrome browser with Chronicle using the native workspace connector and Chro...
We are getting below error while accessing Chronicle console. Any idea why this error is coming? SSO login was...
Hello, I'm setting up asset enrichment through the ENTITY_CONTEXT. I have configured time interval as below: By ...