Attending RSAC 2024? Join us at the upcoming Google Security Operations workshop, where we'll do a deep dive i...
We are excited to announce the availability of Google Cloud Security Customer Success subscriptions. Optimize ...
Hi All, I have been working to create an approach for customer migration from existing SPLUNK SIEM (on prem) t...
Curious, do people share rules here that they have developed? Based on seen activity or just rules in Dev? For ...
Hey everyone, I've been writing Yara-L rules for a while now and I wanted to share some of mine here for people...
I would like to know if this type of SIEM needs agents to be installed on the client host?
Hey all, I open sourced our Chronicle detection rules (and a few helpers) on GitHub a couple of weeks back. I'...
Hey Team, I'm looking for a way to parse raw logs outside of Chronicle to UDM, does something like that exist? ...
Hi all, what is the process we should be following to ensure we don’t get duplicate events? I found one refere...
Hi! I wrote a YARA-L rule for IOC matching where I need to check if the confidence level of the IOC is above 75...
Hi, I'm searching for an API to monitor EPS for number of events ingested, parsed in UDM etc. Is there anything...
Hi all, I was writing a YARA-L detection rule in the Chronicle editor and I need to match the string "C:\Progr...
Hi all, can we send logs to Chronicle via intranet traffic instead of going over the internet?
I have a question: When Ingesting from GCS buckets using feeds management UI, it mentions that chronicle doesn...
Hi there! Is there a way to simply inject syslog without any parser (because there is none available for the p...
Does anyone have any advice on how you could create a dashboard to see the average amount of time between the ...
In the documentation it seems that the arrays.contains function can be used like the following, arrays.contain...
Does anyone know if Google has a list of Rules which are available in Chronicle Security and are based on whic...
What’s been your experience sharing log parsers with people on this community? Has it been beneficial? Risky? ...
Hi Team, Looking for guidance creating customers in Chronicle SIEM using the API. Can't seem to get it working...
Hi All, I was wondering if the Demo has the 'Enterprise insights' feature
@Lokesh_Dachepal If you don't want to use a SIEM product, you can always do Windows event forwarding to get al...