Google Cloud Security Community

Joel_Yue · 06-18-2023

Hi how do i search for unparsed logs? My dashboard show 9 sysmon logs but no matter how i vary my search string, my search only returns 1 log event

Joel_Yue · 06-04-2023

Hi all, can we send logs to chronicle via intranet traffic instead of going over the internet?

Joel_Yue · 06-18-2023

Chronicle dashboard indicates 9 sysmon events came in but then i do a raw event regex search with .*, it only returns 1 log event. I cant see what are the other 8 sysmon events that went into chronicle.

Joel_Yue · 06-18-2023

i use the regex .* as the search string. I extended to the max time period and it is still the same

Joel_Yue · 06-04-2023

Noted on that. If i have a direct link and i can send my logs to a Google Cloud account, can chronicle ingest from the Google Cloud account without going out through the internet?

Google Cloud Security Community

My Stats

Joel_Yue's Bio

Badges Joel_Yue Earned

Recent Activity

How can i search for unparsed logs?

is there a way to send logs to chronicle via intranet traffic instead of going over the internet?

Re: How can i search for unparsed logs?

Re: How can i search for unparsed logs?

Re: is there a way to send logs to chronicle via intranet traffic instead of going over the internet?