This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Announcements
New SecOps Webinar May 14th! Learn about Gemini's generative AI within Google SecOps
Log in to ask a question

What is BigQuery export feature in Chronicle ?

Posted on 10-26-2023 10:52 PM
abhi-kakadiya-7
Bronze 2
Bronze 2
Reply posted on --/--/---- --:-- AM

There's an official Chronicle Looker block available on the Marketplace, and it mentions that the 'BigQuery Export feature needs to be enabled for your Chronicle tenant.' Can someone please explain what this feature is and how I can set it up?

Block on Marketplace 

I understand that this feature involves the Chronicle sending parsed events to BigQuery, which can then be used to connect with Looker. I'm currently facing delays in seeing these events in BigQuery. Is there anyone who can assist me with this issue?

0 1 521
Topic Labels
0 Likes
1 REPLY 1

Posted on --/--/---- --:-- AM
manthavish
Staff
Reply posted on --/--/---- --:-- AM

Hi Abhi,

Your understanding that we send parsed events to BigQuery is correct. More information on this feature is available here.

Regarding delays and whether that is within guidelines or not, I recommend opening a support ticket to investigate further.

0 Likes
Top Solution Authors
View all