Hi pable_vallejo, It sounds like that you have validated the existence of your project. Here are a few other troubleshooting steps you might follow: Refresh and validate: Refresh your Chronicle tenant and wait a few minutes to see if it appears Clear...

Hi Praveenjain45, Yes, you can utilize Google Security Operations forwarders for Linux, Windows, and even docker! Please find the docs below for reference: https://cloud.google.com/chronicle/docs/install/forwarder-linux https://cloud.google.com/chron...

Hi Mai9, Here are some suggestions: Ensure you are ingesting your email logs Create rules that look for emails sent to external domains(they don't match your approved domains) Implement rules to identify emails containing potentially malicious URLs(e...

Hi Shaik, Google Chronicle SIEM customers can leverage several automation strategies to check for duplicate ingested data. Here's a breakdown: 1. Hash-Based Deduplication Mechanism: Calculate a cryptographic hash (e.g., MD5, SHA-256) of the essential...

Hi NikhilBattula, Here are some sample UDM searches applicable to Google App Engine default logging to help get you started following by a YARA sample: Event Type: HTTP_SERVER_LOG (or whatever your equivalent log source is) App Engine Domain: We used...