This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

How can I set the event type in a custom connector?

Posted on 09-13-2024 12:20 AM
jaymin
Bronze 5
Bronze 5
Reply posted on --/--/---- --:-- AM

I’ve set up a custom connector and successfully ingested alerts into the platform. However, when attempting to map entities for the event on the ontology page, it shows "unknown_event_type." I’m uncertain about how to define the event type within a custom connector. Could you guide me on this?


Solved Solved
0 3 263
Topic Labels
Jump to Solution
0 Likes
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
f3rz
Staff
Reply posted on --/--/---- --:-- AM

Hi @jaymin it determines by event_name, please see more: https://cloud.google.com/chronicle/docs/soar/respond/start-developing/developing-the-connector

View solution in original post

Jump to Solution
3 REPLIES 3

Posted on --/--/---- --:-- AM
f3rz
Staff
Reply posted on --/--/---- --:-- AM

Hi @jaymin it determines by event_name, please see more: https://cloud.google.com/chronicle/docs/soar/respond/start-developing/developing-the-connector

Jump to Solution

Posted on --/--/---- --:-- AM
SoarAndy
Staff
Reply posted on --/--/---- --:-- AM

Are you setting

event["event_type"] = 
Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
jaymin
Bronze 5
Bronze 5
In response to SoarAndy
Reply posted on --/--/---- --:-- AM

No, I was using event["event_name"] =,
but the main reason for the event type not setting is that I did not add "event_name" value under the "Event Field Name" configuration option of the connector. Once I did this, I am able to see the event type being set.

Thanks. 

Jump to Solution
Top Solution Authors
View all