Attending RSAC 2024? Join us at the upcoming Google Security Operations workshop, where we'll do a deep dive i...
We are excited to announce the availability of Google Cloud Security Customer Success subscriptions. Optimize ...
Does Google Secops have a VPAT (Voluntary Product Accessibility Template)?
Hi, I have been struggling to find the right approach to ingest 1password audit events into Chronicle SIEM. Upo...
Hello! I would like to know if someone has sent to Chronicle the Aruba Central logs. If so, how was it done and ...
Hi Team, While parsing UDM Entity and UDM Event under the same parser, I got the following error. generic::inv...
Recently trying stats in search (Preview) but it seems not working on our end. Tried the sample in documentati...
Hi Gurus, I am new to Chronicle SIEM, I can get alerts with ListDetections APIs (https://cloud.google.com/chroni...
Hi all, I'm in process of ingesting Office 365 feed into chronicle SIEM. I would like to know if there is guid...
How is Chronicle SIEM connecting with AWS Cloud Trail via EventBridge Rule? Can anyone explain this, or suggest ...
I am starting recently on Chronicle; I have created a new project and enabled a Chronicle API, but the next st...
Hi All, I just want to know is there any feasibility to merge similar alerts into one single alert that matches...
I am reaching out in relation to: https://www.googlecloudcommunity.com/gc/Community-Blog/New-to-Google-SecOps-U...
Hi, I would like to know if there is a way to append a reference list without getting the content of the list...
We are in the process of integrating Oracle Cloud with Google Chronicle. Please share the possible methods for...
Missed the original announcement? No worries, I've got you covered! Google Cloud dropped some seriously awesom...
Dear Community, Did anyone manage to successfully transform or parse Windows Event Logs (System, Security) that...
What is the correct log type OR ingestion label to use in the chronicle forwarder configuration for the follow...
I've set up an AWS CloudWatch feed to ingest EKS audit logs from an S3 bucket. Initially it fetches one file wi...
Hi #community, Is there any option to throttle or prevent a rule with same criteria triggers for x period of ti...
Hello, I struggle with the outcome section for a rule I'm working on at the moment. I looked in the documentati...
Hi, Within the Kubernetes Node parser, I am trying to split the textPayload into separate fields. The textPayloa...
I am reaching out in relation to the following metrics post: https://www.googlecloudcommunity.com/gc/Community-...
Hi, Would like to ask for your help on how can I parse this nested json in a udm {"type": "POTENTIAL_RISKY_ACTIV...
I am writing parser extension and want to update security_result.description field. if [@computed][message] != ...
I am trying to integrate Azure AD SSO with Chronicle SIEM, The relevant team has provided the required keys t...
April 26, 2024 The feed management feature is now enhanced to include the following: Feed names: You can assig...
April 25, 2024 Chronicle Security Operations (Chronicle SecOps) has been rebranded to Google Security Operatio...
Are you hungry for more Google Security content? Craving a way to easily find those hidden gems of knowledge? ...
Hi everyone. Is there any chance that the webhook feed will be restored? Roberto
We are looking to provide an MSSP type of service and build an XDR service, currently looking to explore how d...
I have a situation where I need to advise some clients and users that the default `Unix System` parser will pa...