SIEM

Discussion List

• 
  Dashboard for time between logging and detections firing

  Does anyone have any advice on how you could create a dashboard to see the average amount of time b…

  Andrew Malone 31 views 3 comments 0 points Most recent by ShakedTal March 9Chronicle Best Practices
• 
  Is it possible to use Arrays.contains with two variables in Yara-L?

  In the documentation it seems that the arrays.contains function can be used like the following,  ar…

  Andrew Malone 11 views 5 comments 0 points Most recent by Brad McCrillis March 2Chronicle Best Practices
• 
  SIEM Rules

  Curious, do people share rules here that they have developed? Based on seen activity or just rules …

  Brad McCrillis 1 view 0 comments 0 points Started by Brad McCrillis February 3 SecOps Community
• 
  Rules and how they works

  Does anyone know if Google have a list of Rules which are available in Chronicle Security and are b…

  Hitesh Patel 11 views 1 comment 0 points Most recent by Brad McCrillis January 30Chronicle Platform
• 
  Open sourced our Chronicle detection rules

  Hey all, I open sourced our Chronicle detection rules (and a few helpers) on Gi…

  Mikail Tun 11 views 4 comments 1 point Most recent by Mikail Tun January 4SecOps Community
• 
  Enterprise insights feature

  Hi All, I was wondering if the Demo has the 'Enterprise insights' feature

  Yaniv_Menasherov 1 view 0 comments 0 points Started by Yaniv_Menasherov December 2022 SecOps Community