Chronicle Security by Google

See the code

The Chronicle Security Block includes pre-built dashboards and content focusing on the Data Ingestion Status and Health, context for Rule Detections, IOC matches and Alert prioritization, User Sign-ins, Asset Lookups, and Domain Lookups.

Why use the Chronicle Security Looker Block?

  • Rapid Time To Value - gain insights from your Chronicle data in minutes, not hours. The Chronicle Security Block includes pre-built dashboards and content focusing on the Data Ingestion Status and Health, context for Rule Detections, IOC matches and Alert prioritization, User Sign-ins, Asset Lookups, and Domain Lookups. Additionally, this data is organized into various Explorer views to enable adhoc querying and exploration of the Chronicle data.
  • Centralized Place for Analysis - No need to play the swivel chair game and go between different consoles, you can do self-service reporting for Chronicle data right here in Looker. Plus, you can combine your Chronicle data with other security and non-security data in your warehouse for end-to-end analysis.
  • Democratization of Data - Security Analysts, managers and executives can easily build their own dashboards, and any user is equipped to ask and answer their own questions, save and share their own reports.

Pre-requisites

  • This block works with Chronicle datasets in Google BigQuery.
  • BigQuery Export feature needs to be enabled for your Chronicle tenant. Reach out to your Chronicle representative to set this up.`
See the code

Related Blocks

OTT Content by Datazoom

This block will help you understand content consumption patterns, and increase viewership though content...

Hubspot Essentials by Keboola

Analysis of essential entities in Hubspot to understand the sales cycle and pipeline

Subscription Revenue Essentials by Keboola

Out-of-the-box analysis for Churn, Retention and LTV.