Google Chronicle Backstory Streaming API

Use the Google SecOps Streaming API integration to ingest detections created by both user-created rules and Google SecOps Rules as XSOAR incidents.

Analytics & SIEM · Google SecOps

Configuration parameters

  • credentials — (required)
  • use_v1_alpha — Use V1 Alpha API
  • url_format — API URL Format
  • project_instance_id — Google SecOps Project Instance ID
  • project_number — Google SecOps Project Number
  • region — Region
  • other_region — Other Region
  • incidentType — Incident type
  • first_fetch — First fetch time
  • longRunning — Long running instance
  • alert_type — Google SecOps Alert Type
  • detection_severity — Severity of Detection
  • rule_names — Rule Names for Detection Ingestion
  • exclude_rule_names — If selected, detections with the above rule names will be denied for ingestion.
  • rule_ids — Rule IDs for Detection Ingestion
  • exclude_rule_ids — If selected, detections with above rule IDs will be denied for ingestion.
  • default_severity — Default Severity of Incident
  • insecure — Trust any certificate (not secure)
  • proxy — Use system proxy settings

Commands (0)

This integration defines no commands.