New To Chronicle Blog Series

Are you new to Chronicle, SecOps or SIEM? If you answered yes to any of those, this series is for you! When I started at Google in May, I had spent a good portion of my career working with SIEMs and MSSPs like Symantec, ArcSight and Splunk. However, I know from experience that different platforms have different capabilities and different ways to build content, conduct investigations and hunt. So, this series is designed to provide some insight into how you can use Chronicle to effectively build rules, conduct searches and much, much more. You can find the series at https://chronicle.security/blog/?filters=new-to-chronicle-series; we are at eight posts and growing. In fact, today we released a new blog post on the improved search capabilities for UDM data. You can find it at https://chronicle.security/blog/posts/new-to-chronicle-a-new-view-for-search/

Stay tuned, there is more to come!


Just read through the series and found it extremely helpful! Seeing more complex example rules that utilize the functions and multi-events gives a great launching point for rule development.