New Google Cloud Security Customer Success Services Available!
We are excited to announce the availability of Google Cloud Security Customer Success subscriptions. Optimize ...
Hello, If I understand correctly you currently cannot use UDM search to look at entity data directly? For examp...
Recently trying stats in search (Preview) but it seems not working on our end. Tried the sample in documentati...
Hi, My reading suggests otherwise but wanted to ask on here whether anyone had successfully managed to create ...
Attending RSAC 2024? Join us at the upcoming Google Security Operations workshop, where we'll do a deep dive i...
I want to change my Chronicle SSO provider using Google SSO, but facing this issue when trying to create Workf...
Is there any way of querying via a UDM search to find alerts that have triggered? Thanks
Hello, I am looking at the following preview documentation: https://cloud.google.com/chronicle/docs/preview/sear...
Hi, How can we filter logs related to authentication failure across all log sources. We can see authentication ...
Zeek (used to be Bro) is an open-source Network Security Monitor that can be used for Detection System and netw...
I am looking at the following blog: https://chronicle.security/blog/posts/new-to-chronicle-a-new-view-for-searc...
@Marie_Chudolij YouTube video 2-27-24 - Chronicle SOAR to the Rescue: Orchestrate SIEM Reference List Updates ...
Empowering Detection Engineering with Chronicle SIEM and Mandiant Security Validation Introduction Detection e...
Utilizing Chronicle's first seen and last seen feature to create somewhat of an anomaly-based detection. The d...
I'm currently building a detection that needs to extract data from one field and pass it to a variable to matc...
Hello, I'm currently exploring the various dashboard options to distinguish between logging hosts and non-loggi...
I'm interested in developing an anomaly detection rule in Chronicle. This rule should monitor for a particular...
Hi there, A bit of context: I'm trying to develop a pySigma backend and pipelines for chronicle, so we can full...
I am looking at the structure of a UDM Entity: https://cloud.google.com/chronicle/docs/event-processing/udm-ove...
Hi, My question is pretty straightforward. I am maintaining a list of blacklisted process in my organization t...
Hi community. Yesterday I noticed something weird working on Chronicle SIEM. We received an alert coming from ...
Hi, I would like to know how other security team use the IOC matches alerts. Where I work, we are using the IO...
Hello, Was wondering if this is even possible, but have parameter input in a saved search that you can fill out...
Hi All, Is there any way to combine a raw log search with some UDM filter applied. Let's say I want to search a...
Hi, Is there a way to ingest Hubspot CRM audit logs to collect to Chronicle? I think we can collect them to GCP...
Hi All, I recently tried to do a PoC of chronicle SIEM and after setting up a forwarder to send logs collected ...
Recently I reviewed an article covering an attack path that an actor took in a Google Workspace/GCP environmen...
Hey folks!! For GCP audit logs does anyone know if there are any udm event for storage.object.get or storage.ob...
What does this different color (Green, Grey, Red, violet etc..) coding says for an Event? Are there any more ?...
I ingested 911K log lines and I can see in the "Data Ingestion and Health" dashboard that 8.2K failed, but I d...
Hi, is there a way to create a reference list via the GUI? The only way I found is via APIs... Thanks.A