Interpres Application - Chronicle

Type: SIEM/Data Lake
Vendor: Google
This app integrates with Google Chronicle to get Detections and Alerts.
In order to get Google Chronicle Telemetry please create an integration with Google BigQuery.
Vendor setup
Contact Google to generate a Service Account﻿
Add Roles to Service Account
roles/chronicle.viewer (or add permissions to list alerts and rules)
Generate service account keys (json file)﻿
App Configuration
App Parameters:
Base URL: Chronicle API base URL (i.e: https://backstory.googleapis.com)
Credentials: The entire contents of the Google Cloud OAuth2 credential.json file
App Validation
Check there is connectivity (green light) in the integration created.
Implemented Actions
Get Detections: Gets Chronicle latest version of rules.
Get Alerts: Gets the latest asset-based and user-based alerts.
﻿

Did this page help you?

Interpres Application - Interpres Application - Carbon Black

Interpres Application - Cisco Secure Endpoint