This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Announcements
New SecOps Webinar May 14th! Learn about Gemini's generative AI within Google SecOps
Log in to ask a question

Fetch Gemini Data from API in SecOps

Posted on 03-26-2025 01:04 AM
messier63
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

Hi Team,

We need to retrieve the Gemini-generated report via API for each case as it is generated. Can we access this outside the platform, or can we export the generated results via API? Either option would work for us.

0 5 126
Topic Labels
0 Likes
5 REPLIES 5

Posted on --/--/---- --:-- AM
ylandovskyy
Staff
Reply posted on --/--/---- --:-- AM

Hey @messier63 ,

We have an action called "Create Gemini Case Summary" under Siemplify integration. If the summary already exists, it will return the existing one and it will be accessible via action outputs. Is this what you are looking for?

Posted on --/--/---- --:-- AM
messier63
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

hi  @ylandovskyy ,

Is it possible to modify and use the Gimini code for further use like analysing the case comments?

 

0 Likes

Posted on --/--/---- --:-- AM
ylandovskyy
Staff
Reply posted on --/--/---- --:-- AM

We have an integration called "Vertex AI", which allows you to execute prompts. You can use this integration with action "Get Case Details" from "Tools" powerup to fetch the comments and then ask questions about those comments.

For more details, refer to this post: https://www.googlecloudcommunity.com/gc/SecOps-SOAR/Leverage-GenAI-in-automation-with-Vertex-AI-inte...

0 Likes

Posted on --/--/---- --:-- AM
messier63
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

hi @ylandovskyy 

i have one query, let's say I rerun the create gimini summary action 
now i have the entities which are enriched from various sources like VT ,Azure AD etc, and the enriched entity property has been added in each enriched entity 
so the gimini will read all those properties and the enrichment and generate the summary? 

0 Likes

Posted on --/--/---- --:-- AM
ylandovskyy
Staff
In response to messier63
Reply posted on --/--/---- --:-- AM

Hey @messier63 

Let me confirm it internally, but from what I know the Gemini Case Summary only takes the context of case/alerts, but it doesn't go into individual properties of entities.

But what you can do is use the action "Describe Entity" from Vertex AI integration. It will summarise all of the enrichment associated with entities and render a widget for it.

0 Likes
Top Solution Authors
View all