We are excited to announce the availability of Google Cloud Security Customer Success subscriptions. Optimize ...
Dear All, Could anyone please give me the script for ingesting UDM events directly to Chronicle via an Ingestio...
Does Google SecOps support the following log collection protocols: Syslog over Syslog NG, SDEE (Security Device E...
Hi! I want to generate a rule that looks for the value of 'target.ip' field in a reference list. I have 3 refere...
Hey All, In the workspace user parser my users get the same email added to the entity.user.email_addresses field...
Limit S3 Ingestion to Particular Date. As per below URL https://cloud.google.com/chronicle/docs/ingestion/ingest...
Hi everyone, I need to migrate a SPL rule to Chronicle, can someone assist how this can be converted to YARA-L?...
Is there any documentation available that outlines the differences between audit logs and user activity logs? ...
How do I resolve this error? Who do I need to reach out to? { "error": { "code": 403, "message": "Malachite In...
I've tried solutions found on Google but none fixed my issue. Have you already faced this problem? Your help woul...
Why are we getting the output in the below format when we validate the sample log with parser using cbn-tool/c...
Does anyone have or know a tool to generate custom parsers for logs?
Hey Team, I'm looking for a way to parse raw logs outside of Chronicle to UDM, does something like that exist? ...
I'm configuring a PowerShell script and Task Scheduler to export Windows AD logs (user_context & asset_context...
I want to add longer descriptions in the meta of some SIEM rules so the info shows up in the related SOAR case...
Dear All, Could anyone please give documentation for how to use "BindPlane OpenTelemetry collector" for syslo...
Hi Team, I am looking to get an alert if I miss a log from an endpoint from a server. Since the ingestion API m...
Team, I am in the process of deploying Google Chronicle in our organization and following the instructions prov...
Hi, How can I detect suspicious links and files that are being sent outside of my domain?
Hello, How can I perform a transformation to the data in the environment? Thank you
Hello Team, For the 'impossible_travel_login_activity' alert involving from a user, our initial review of the e...
Hello, I need to send alerts from one Chronicle SIEM to another. How can I do this? Thank you
I've seen conflicting information on this topic: Is it required today that a new Google SecOps client bring th...
Good morning, I have a question about log ingestion via the ingestion API. Initially, my logs contained only 1...
Hi, Within the Kubernetes Node parser, I am trying to split the textPayload into separate fields. The textPayloa...
Hello Team, Can you please help me with parsing the CSV log? While there are no errors during parsing, I am onl...
Hello Team, Can someone assist me with pattern matching and parsing this type of log in Chronicle? "version acco...
Hello everybody! A client requested to inject "Sharepoint" into their SIEM instance so, as usual, the first thi...