Solved: Having issue with Lab Analyze Findings with Securi...

aiblair20 · 01-30-2025 09:40 PM

Has anyone else experienced the same issue? How did you resolve it? I’ve also reached out to support, and they’re testing it, but I haven’t received any updates on a fix yet. I guess that's the only way to resolve it for now, or should I try fixing it in findings.jsonl?

RAOKS

No problem with this lab. Please follow steps as per Lab. wait for below output (as per below image) before exporting to cloud storage. and when exporting to BigQuery always select format as "JSONL".

repeat below command till you get o/p. it takes 10 to 15 mins. to display. This is very important step in this lab. I hope this information will help you to solve problem. All the best.

--------------------------------------------------------------------------------------------------------------------------

bq query --apilog=/dev/null --use_legacy_sql=false \
"SELECT finding_id,event_time,finding.category FROM continuous_export_dataset.findings"

-------------------------------------------------------------------------------------------------------------------------

View solution in original post

mokit

Hi, @aiblair20.

I didn’t encounter any issues when I tried this. Let’s go through the steps carefully again. If you still get the error, please use the 'Chat Support' option in the top-right corner. They should be able to help identify the issue if it persists.

Regards,
Mokit

View solution in original post

aiblair20

Thanks, everyone. The issue has been resolved. I mistakenly chose the JSON instead of the JSONL.

View solution in original post

A11an

Answer pls what they finally said

For me they always have only answer "Everything is working"

Its a hi-tech google method to earn money. Did they return you credits for broken lab?

RAOKS

No problem with this lab. Please follow steps as per Lab. wait for below output (as per below image) before exporting to cloud storage. and when exporting to BigQuery always select format as "JSONL".

repeat below command till you get o/p. it takes 10 to 15 mins. to display. This is very important step in this lab. I hope this information will help you to solve problem. All the best.

--------------------------------------------------------------------------------------------------------------------------

bq query --apilog=/dev/null --use_legacy_sql=false \
"SELECT finding_id,event_time,finding.category FROM continuous_export_dataset.findings"

-------------------------------------------------------------------------------------------------------------------------

mokit

Hi, @aiblair20.

I didn’t encounter any issues when I tried this. Let’s go through the steps carefully again. If you still get the error, please use the 'Chat Support' option in the top-right corner. They should be able to help identify the issue if it persists.

Regards,
Mokit

aiblair20

Thanks, everyone. The issue has been resolved. I mistakenly chose the JSON instead of the JSONL.

Having issue with Lab Analyze Findings with Security Command Center