This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Announcements
Webinar May 29th: Log Ingestion: Bindplane + Google SecOps
Log in to ask a question

How to build an alert when chronicle siem ingestion?

Posted on 04-16-2023 01:35 AM
Pieter_Van
New Member
Reply posted on --/--/---- --:-- AM

Hi all, we are trying to build an alert when chronicle siem ingestion would drop by 20% for a certain type of logs within an hour, does anyone have experience with something like this?

0 1 435
0 Likes
1 REPLY 1

Posted on --/--/---- --:-- AM
shakedtal
Staff
Reply posted on --/--/---- --:-- AM

Hi Pete, if you migrated to Bring Your Own Project preview then you can use GCP Cloud Monitoring, which can create percentage based deviation alerting - see the blog written by one of our team members - https://medium.com/@thatsiemguy/chronicle-forwarder-telemetry-via-google-cloud-monitoring-39ccb32b38...

0 Likes
Top Solution Authors
View all