This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Announcements
The Google Cloud Security Community is upgrading platforms!

Read more and check out our FAQ
Log in to ask a question

Can we execute a retro hunt using the playbook based on the provided timeline?

Posted on 01-16-2025 02:04 AM
vanitharaj1208
Silver 2
Silver 2
Reply posted on --/--/---- --:-- AM

is it possible to run retrohunt from playbook ?

Solved Solved
0 2 190
Topic Labels
Jump to Solution
0 Likes
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
RanjithHegdeK
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

Hello @vanitharaj1208 

Yes its possible to execute Retro hunt from the playbook using Action "Execute Retrohunt" from GoogleChronicle. Rule ID, Start time and End time is required.

Reference: Google SecOps  |  Google Security Operations  |  Google Cloud

Thanks

View solution in original post

Jump to Solution
2 REPLIES 2

Posted on --/--/---- --:-- AM
RanjithHegdeK
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

Hello @vanitharaj1208 

Yes its possible to execute Retro hunt from the playbook using Action "Execute Retrohunt" from GoogleChronicle. Rule ID, Start time and End time is required.

Reference: Google SecOps  |  Google Security Operations  |  Google Cloud

Thanks

Jump to Solution

Posted on --/--/---- --:-- AM
vanitharaj1208
Silver 2
Silver 2
Reply posted on --/--/---- --:-- AM

I have a rule that previously generated detections, but now when I attempt to run a retro hunt, it is not generating any alerts.

Jump to Solution
0 Likes
Top Solution Authors
View all