Community & Learning workshop - RSAC 2024
Attending RSAC 2024? Join us at the upcoming Google Security Operations workshop, where we'll do a deep dive i...
Forum Posts
New Google Cloud Security Customer Success Services Available!
We are excited to announce the availability of Google Cloud Security Customer Success subscriptions. Optimize ...
How to update Chronicle SIEM alerts with API?
Hi Gurus,I am new to Chronicle SIEM, I can get alerts with ListDetections APIs(https://cloud.google.com/chroni...
Chronicle SIEM connecting with AWS Cloud Trail
How Chronicle SIEM connecting with AWS Cloud Trail via EventBridge Rule . can anyone explain this. or suggest ...
reference list api questions
Hi, I would like to know to if there is way to append a reference list without getting the content of the list...
Executed CLI commands and NGINX logs to Chronicle
Hi,I want to ingest 2 different types of logs from GCP to Chronicle SIEM.1) executed commands on GCP projects ...
How Do I Delete A Reference List?
Hey Folks, I ran into a situation today where I wanted to delete a reference list but couldn't figure it out. ...
How to forward logs from Mysql DB server's table to Chronicle cloud or Chronicle Forwarder
Hi,We have a software product which writes logs to specific tables on Mysql DB on a Windows server, we need to...
Chronicle script giving 404 (Resource Entity not found) at the time of ingesting logs to chronicle
Hi, CommunityWe have one of the chronicle script from https://github.com/chronicle/ingestion-scripts executing...
I want to change my Chronicle SSO provider using Google SSO, but facing this issue ..
I want to change my Chronicle SSO provider using Google SSO, but facing this issue when trying to create Workf...
Cloudflare log ingestion to Chronicle
Hi Team,Other than fetching the cloudflare logs from a GCS bucket is there any way by which we can ingest clou...
API to manage alerts
Hi,is there any API endpoint to manage alerts? We'd like to be able to close alerts from scripting and externa...
EDR & DLP Server TrendMicro and Database (MSSQL, Oracle, Sybase)
How to integrate EDR & DLP Server TrendMicro and Database (MSSQL, Oracle, Sybase)in SIEM.Could you please shar...
Ingest API permission 403 error
Hello All,We are trying to ingest logs into chronicle via API, during which 403 permission error appears.Do we...
Setting rule run-frequency via API
Hi Does anyone know if this is managed just via the UI intentionallyhttps://cloud.google.com/chronicle/docs/de...
Chronicle Alert export to the hive
Hi,I want to export alerts from Chronicle to TheHive. How can I realize that. I made search for REST API but I...
FLUENTD Logs Uploaded by forwarder not showing on Chronicle
Hi All,I recently tried to do a PoC of chronicle SIEM and after setting up a forwarder to send logs collected ...
Chronicle Ingestion Script errors
Recently we've been having trouble getting several Chronicle Ingestion scripts working (found here https://git...
Failed to connect to Chronicle Alerts APIs
We are try to extract alert generated in Chronicle instance with the below approaches: Approach 1: https://clo...