New Google Cloud Security Customer Success Services Available!
We are excited to announce the availability of Google Cloud Security Customer Success subscriptions. Optimize ...
SOAR Forum
Find answers to your questions from passionate experts in the community, share industry updates, and engage in discussion.
Forum Posts
Is there a Chronicle Trial for the SIEM ?
Is there a Chronicle Trial for the SIEM part that allows you to test ingestions?
Chronicle SOAR not sending invitation Email
Goodmorning,I've got a little issue in my infrastructure. We've got a Test environment SOAR , there are some u...
Dynamic Instances for same Environment
Is there a way to automate it when there are multiple instances in one Environment? For example, 3 tenants wit...
How to test created remote agent in soar of chronicle google
I created remote agent in SOAR>Advance>Remote Agentand how can I test to execute chronicle example test case r...
TIPCommon Library Installation
How can I install TIPCommon Library in a custom integration ?
Support newer python versions on SOAR
Hey guys,I understand keeping a few older python versions available for integrations, but currently the only v...
Solutions for playbook failed associated within case
Hello,I'm looking into possible solutions to have a use case as if the playbook attached to case, and that plb...
Create a loop in a playbook
Hello,Is there any way to create a loop action inside the SOAR playbook?
Closed Case Search
I'm currently using the below to get all closed cases within our SOAR platform - https://cloud.google.com/chro...
Writing Data to the File System
There are a few situations where it would be useful to write data to the file system, but my experience is tha...
Builtin email settings vs. Exchange integration
Hi, If I want to send\ receive emails to\ from customers via a dedicated mailbox, what would be the best way t...
Compare similar cases
I have a doubt, I am making a playbook in which I use two actions (Get similar Case), in one of them I look at...
Decrypting encrypted log traffic to the forwarder
We have a Chronicle forwarder set up, and we plan to send logs to it. Logs will be sent over the internet, so ...
Chronicle SOAR: Shift Roster
Good afternoon,I am currently trying to implement case assignments based on different shifts amongst the team ...
Chronicle SOAR ZSCALER integration
Does anyone have some guidance on how to configure integration between Chronicle SOAR and Zscaler ZIA? From th...
activityKind
HiI was wondering if there is an official list of activityKind?I see activitykind in wall data json for a give...
Clickable Links in Google SOAR Case Comments / Instructions / Insights / Event Details
Hey Team,Is it possible to create a clickable link in Incidents Comments / Instructions or Insights.For exampl...
case_free_search explanation
Hey All!Can someone explain what the 'case_ids_free_search' parameter is used for here? - https://cloud.google...
Dashboard: Time to Respond & Time to Resolve
Does anyone know how to create such a dashboard or event get the data in order to track Time to Respond and Ti...
Chronicle Database
Where can I find the license types for Chronicle (community plan enterprise plan)?
Close Source alert while closing SOAR case
Hi,we have several sources of alerts integrated in the SOAR. We'd like that, when we close the case in the SOA...
Localization settings don't work as expected
When I click the my user icon (I'm an admin) in the upper-right, there is a "localization" option that allows ...
Can i Integrate Chronicle SIEM with MISP or a similar platform like OpenCTI?
Hey Folks, Has anybody integrated Chronicle SIEM with MISP or a similar platform like OpenCTI? I'm pretty sure...
URLhaus and SPAMhaus
I have two feature requests if anyone is interested. Also the API is pretty well documented if you don't want ...
Authentication casesearchapi
HiI am getting 401 for call to casesearcheverything api callThe calls works for my company domain swagger but ...
Ingesting Windows logs into Chronicle
Anyone have a good experience ingesting Windows logs into Chronicle? I’ve heard nxlogs , cribl, etc. E.g. can ...
CaseSearchEverything API
HelloI'm looking for a solution into using CaseSearchEverything API. As I understand1) it returns all cases ba...
Is there any way through which we can get the raw logs from Chronicle SIEM back to SOAR?
Hey Team, Is there any way through which we can get the raw logs ( not UDM mapped) from Chronicle SIEM back to...
Get Insights \ Detailed table from JSON results
Hey,I`m struggling with some issues when trying to present insight on the case\ alert page after enrichment ac...
Part 1: Dipping Your Toe into SOAR: Understanding the Basics
Part 1: Dipping Your Toe into SOAR: Understanding the Basics The Ocean of Security Threats The relentless barr...
