Attending RSAC 2024? Join us at the upcoming Google Security Operations workshop, where we'll do a deep dive i...
We are excited to announce the availability of Google Cloud Security Customer Success subscriptions. Optimize ...
We are in the process of integrating Oracle Cloud with Google Chronicle. Please share the possible methods for...
Dear Community, Did anyone manage to successfully transform or parse Windows Event Logs (System, Security) that...
What is the correct log type OR ingestion label to use in the Chronicle forwarder configuration for the follow...
I've set up an AWS CloudWatch feed to ingest EKS audit logs from an S3 bucket. Initially it fetches one file wi...
I am trying to integrate Azure AD SSO with Chronicle SIEM. The relevant team has provided the required keys t...
April 26, 2024: The feed management feature is now enhanced to include the following: Feed names: You can assig...
We are looking to provide an MSSP type of service and build an XDR service, currently looking to explore how d...
In the event a forwarder crashed, let's say 24-48 hours of downtime. How can we recover the events that were me...
Hello, I'm setting up asset enrichment through the ENTITY_CONTEXT. I have configured time interval as below: By ...
Hi Community, Did anyone try to ingest completely custom log data to Chronicle SIEM? I mean log data which doe...
Good afternoon! I want to ingest Azure Activity Logs into our Chronicle instance. For that, I have found the f...
Hi! I am configuring a feed on Chronicle SIEM to obtain Azure Activity Logs following this guide: Ingest Azure ...
Are you installing Chronicle forwarder and getting the following error when setting up the forwarder when trying t...
Hi All, Is there any way that we can find the duplicate events ingested into Chronicle? If yes, could you pleas...
How are others ingesting Gmail logs into Chronicle? We've been sending them directly to BQ and querying them th...
How to send a Chronicle SIEM alert to Chronicle SOAR? So basically we would need to send a Chronicle SIEM aler...
In Chronicle, if I didn't log from a particular source within a timeframe of 30 minutes, will we be able to cre...
Hello, I need to develop some code that will export the characteristics of servers and various network eleme...
Hello! I am trying to understand the statedump of a for loop. Raw log in JSON: { "data":{ "businessPhones":[ "(1...
I have multiple firewalls (same log type) sending logs to a single collector and I need to identify them by th...
Hi Team, We are using Wazuh agent in some of our endpoints and using Chronicle forwarder to ingest those logs in...
Hi, We have a software product which writes logs to specific tables on MySQL DB on a Windows server, we need to...
Hi guys, I have a question while setting up Chronicle. When checking IOC matches log, I can check the feed informati...
Hi, Community. We have one of the Chronicle scripts from https://github.com/chronicle/ingestion-scripts executing...
I am trying to pull data by using the CSV Custom IOC feed from a GCP storage bucket. Looking at the Parser I s...
What will be the impact on the logging capabilities if we have Office 365 Business Premium licenses (and not E3 or...
We are currently trying to get our feet wet in managing our own parsers in Chronicle. We have started with Vir...
Hi Team, How can we check MFA logs/events in Chronicle SIEM using O365 (log source)?
Hi All, Please help us, how to write the use cases for network devices in SIEM. Please share with me if you have any...
Hi, How can we filter logs related to authentication failure across all log sources? We can see authentication ...