Is there a Chronicle feature request form? Or a Chronicle feature request forum with voting? I searched in the Chronicle forums and did not find anything currently relevant. I did find the Issue Tracker https://issuetracker.google.com/issues?q=compone...
@Marie_Chudolij YouTube video 2-27-24 - Chronicle SOAR to the Rescue: Orchestrate SIEM Reference List Updates for Improved Threat Detection. I suggest IP addresses and info inferred from IP address can be unreliable for remote login analysis as:
- the g...
Anyone have a good experience ingesting Windows logs into Chronicle? I’ve heard NXLog, Cribl, etc. E.g., can Chronicle use Cribl Stream? I see there are “Edge” and “Stream” flavors of Cribl?
Update: we found more info about log delays related to an EDR. The EDR is cloud based and its logs are pushed to a cloud bucket. The bucket is then polled per a cadence, and the hop to a bucket then to SIEM ingest, together with the cadence time, add t...
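The post above describes the general shape of the problem: a source that lands in a bucket and is polled on a fixed cadence will have an ingestion lag that is a mix of the poll interval and the per-hop transfer time, and a detection rule with a short live match window can silently miss events that arrive late. The following is an added example (not code from the post, from Chronicle, or from the EDR vendor) that measures that lag from a set of constructed records and derives the smallest match window, in multiples of the poll cadence, that would have covered the worst observed lag. The field names `event_ts` and `ingest_ts` are assumptions; in Chronicle UDM the equivalent fields are `metadata.event_timestamp` and `metadata.ingested_timestamp`, and the records would come from an export rather than a literal list.

```python
"""Estimate ingestion lag for a polled-bucket log source.

Added example, not code from the forum post or from any vendor. It
assumes each record carries the time the event happened on the endpoint
("event_ts") and the time the SIEM ingested it ("ingest_ts"); both field
names are assumptions chosen for this example.
"""
import math
from datetime import datetime, timezone
from statistics import median

# Constructed sample (not real telemetry): an EDR that writes to a bucket
# which the SIEM polls roughly every 15 minutes. Every record picked up in
# one poll shares the same ingest timestamp; the last record shows what
# happens when a poll cycle is missed or a file lands late.
SAMPLE_RECORDS = [
    {"event_ts": "2024-03-01T10:00:05Z", "ingest_ts": "2024-03-01T10:16:40Z"},
    {"event_ts": "2024-03-01T10:01:10Z", "ingest_ts": "2024-03-01T10:16:40Z"},
    {"event_ts": "2024-03-01T10:14:59Z", "ingest_ts": "2024-03-01T10:16:40Z"},
    {"event_ts": "2024-03-01T10:15:30Z", "ingest_ts": "2024-03-01T10:31:45Z"},
    {"event_ts": "2024-03-01T10:29:00Z", "ingest_ts": "2024-03-01T10:31:45Z"},
    {"event_ts": "2024-03-01T10:30:10Z", "ingest_ts": "2024-03-01T11:02:00Z"},
]


def _parse(ts: str) -> datetime:
    """Parse an ISO-8601 UTC timestamp with a trailing Z."""
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def ingestion_lags(records):
    """Per-record lag in seconds: time ingested minus time the event occurred."""
    return [
        (_parse(r["ingest_ts"]) - _parse(r["event_ts"])).total_seconds()
        for r in records
    ]


def lag_summary(records):
    """Min, median and max lag in seconds, plus the record count."""
    lags = sorted(ingestion_lags(records))
    return {"min": lags[0], "median": median(lags), "max": lags[-1], "count": len(lags)}


def records_missing_window(records, window_seconds):
    """Records that arrived later than a rule's live match window would wait.

    A live rule that only correlates events ingested within `window_seconds`
    of their event time would never see these records.
    """
    return [
        r for r, lag in zip(records, ingestion_lags(records)) if lag > window_seconds
    ]


def suggested_window_seconds(records, cadence_seconds):
    """Smallest multiple of the poll cadence that covers the worst observed lag."""
    worst = max(ingestion_lags(records))
    return cadence_seconds * math.ceil(worst / cadence_seconds)


if __name__ == "__main__":
    summary = lag_summary(SAMPLE_RECORDS)
    print(f"lag seconds: min={summary['min']:.0f} median={summary['median']:.0f} "
          f"max={summary['max']:.0f} over {summary['count']} records")
    late = records_missing_window(SAMPLE_RECORDS, 10 * 60)
    print(f"{len(late)} of {summary['count']} records would be missed by a 10 minute window")
    print(f"suggested window for a 15 minute poll cadence: "
          f"{suggested_window_seconds(SAMPLE_RECORDS, 15 * 60) // 60} minutes")
```

In practice you would run this over a day or more of exported records per log source rather than six lines, and use the high percentile rather than the single worst lag once the sample is large enough; the point is that the match window for a polled source has to be sized from measured lag, not from the poll interval alone.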
Yeah, this isn't working... I want to suggest a feature request (change in UI), but can't... I go to create a case (https://console.cloud.google.com/support/createcase etc etc), select SIEM, and the only subjects I can open a case about are New Logtype...
Do you have Chronicle SIEM and Chronicle SOAR (aka Siemplify)? Or just the SIEM? My team has both Chronicle SIEM and SOAR and we primarily use VirusTotal for SIEM detection enrichment in the SOAR. It looks like enrichment is possible in detection rules...