This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Announcements
Webinar May 29th: Log Ingestion: Bindplane + Google SecOps
Log in to ask a question

search id for udm and raw_log search

Posted on 09-07-2024 07:30 AM
Emmie-123
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

Hi Community, I have two questions/doubts.

1. is there any way to pull the search ID for every user search on chronicle(Google Secops) siem?

If yes, how do we pull the search ID for the udm and raw_log searches?

2. can we get MD5/Hash() function details for user search(data access logs(gcp cloudaudit))

Please assist me with this.

@rafaelramirez  @cmorris 

Best regards,

Emmie

 

 

0 1 142
Topic Labels
0 Likes
1 REPLY 1

Posted on --/--/---- --:-- AM
cmorris
Staff
Reply posted on --/--/---- --:-- AM

Information around audit logging, to include search, can be found here - https://cloud.google.com/chronicle/docs/administration/audit-logging

0 Likes
Top Solution Authors
View all