This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Announcements
Webinar May 29th: Log Ingestion: Bindplane + Google SecOps
Log in to ask a question

How to send a chronicle siem alert to chronicle soar?

Posted on 04-11-2024 06:52 AM
luffffy
Bronze 2
Bronze 2
Reply posted on --/--/---- --:-- AM

How to send a chronicle siem alert to chronicle soar? So basically we would need to send a chronicle siem alert/event to be created as a alert/cases in chronicle SOAR. How can we do this?

Solved Solved
2 2 1,055
Topic Labels
Jump to Solution
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
jstoner
Staff
Reply posted on --/--/---- --:-- AM

Not knowing your architecture, the general flow would be that within the the SOAR settings, you can select Ingestions - Connectors to see your connectors.

You would have the Google Chronicle integration installed and then configure the integration with the service account. Additional options like filtering on the specific rules that you want alerts to be pulled into the soar are available as well. I realize this is a bit high level but those are the key pieces to it.

jstoner_0-1712869604381.png

 

View solution in original post

Jump to Solution
2 REPLIES 2
Top Solution Authors
View all