About f3rz

f3rz

@Rafaeleite2 You can find grouping documentation here: https://cloud.google.com/chronicle/docs/soar/investigate/working-with-alerts/alert-grouping-mechanism-admin Together with grouping I would recommend you to use action "Find First Alert" from "Too...

f3rz

You can find the SOAR URL in any SOAR settings by looking at the URL to which API requests are being sent in the DevTools of your browser. and then as @TonyH mentioned above, you can add to it "swagger/index.html" to load swagger:

f3rz

@skadav , I'm sorry for the misunderstanding. You mentioned the Staging and Production modes of IDE. Unfortunately, testing jobs there are not fully supported (some of them may work in IDE, some of them won't). I would recommend you to submit an FR t...

f3rz

Could you please elaborate more on what you mean by there is no option to create new job? Job creation should be available in all SOAR and SecOps instances.

f3rz

@bein this requires a playbook to be executed, and since a playbook can be attached only to the specific case/alert you need a way to generate it. In theory, it should be possible to achieve with custom development or feature requests to have a Teams...

My Stats

chriswragge's Bio

Badges f3rz Earned

Recent Activity

Re: How can I group alerts?

Re: Access SOAR swagger with unified SecOps UI

Re: "Google Chronicle version 42" having issue in "Google Chronicle Sync Job"

Re: "Google Chronicle version 42" having issue in "Google Chronicle Sync Job"

Re: Trigger Activation from Teams Channel/Group Chat in SOAR