Solved: Re: Reporting through Dashboards

AymanC · 09-29-2023 11:29 AM

Hi All,

I'm looking for a way to fulfill reporting requirements, potentially through dashboards. I understand that going into the "Alerts" section, this allows you to export data with filters set. However, this is a manual process and don't include data such as who has closed an alert.

Is it possible to create this in a Dashboard, which would show alerts that were closed, their status and other relevant data, as well as who has closed the alert, this is to fulfill reporting requirements.

Chris_B

No, I don't think it is. Neither is case management. I may've made an assumption you had the Chronicle SOAR also - so my answer is not terribly helpful - I'm sorry.

View solution in original post

Chris_B

For "data such as who has closed an alerts" and other case management monitoring the SOAR (Siemplify) has some canned dashboards.

AymanC

Hi Chris, thank you very much for you reply.

Do you know if this is a feature in the standalone Google Chronicle SIEM?

Chris_B

No, I don't think it is. Neither is case management. I may've made an assumption you had the Chronicle SOAR also - so my answer is not terribly helpful - I'm sorry.

AymanC

Thank you very much for your response. It appears so 😞

Webinar May 29th: Log Ingestion: Bindplane + Google SecOps

Reporting through Dashboards