Is there a Chronicle feature request form? Or a Chronicle feature request forum with voting? I searched in the Chronicle forums and did not find anything currently relevant. I did find the Issue Tracker https://issuetracker.google.com/issues?q=compone...
@Marie_Chudolij YouTube video 2-27-24 - Chronicle SOAR to the Rescue: Orchestrate SIEM Reference List Updates for Improved Threat Detection. I suggest IP addresses and info inferred from IP address can be unreliable for remote login analysis as: - the g...
Anyone have a good experience ingesting Windows logs into Chronicle? I've heard nxlogs, cribl, etc. E.g. can Chronicle use cribl stream? I see there's "edge" and "stream" flavors of cribl?
Yeah this isn't working... I want to suggest a feature request (change in UI), but can't... I go to create a case (https://console.cloud.google.com/support/createcase etc etc), select SIEM, and the only subjects I can open a case about are New Logtype...
Do you have Chronicle SIEM and Chronicle SOAR (aka Siemplify)? OR just the SIEM? My team has both Chronicle SIEM and SOAR and we primarily use VirusTotal for SIEM detection enrichment in the SOAR. It looks like enrichment is possible in detection rules...
Did you already try running an equivalent search for examples in Raw Search? When I can't use grouped fields, and even then, I often have to hunt for the best field name by searching in Raw and seeing what fields get parsed in UDM and which one is best fo...