About cmorris

cmorris

Hi anshul, You can find the formats that the default parsers support on this page by searching the log source - https://cloud.google.com/chronicle/docs/ingestion/parser-list/supported-default-parsers In the case of PULSE_SECURE_VPN, SYSLOG is the sup...

cmorris

The resource @AymanC linked should help. Here are a couple more resources as well from CloudSkillsBoost and the SecOps learning portal: https://learn.chronicle.security/courses/take/chronicle-siem-fundamentals/lessons/35477407-parsing-data https://ww...

cmorris

SOAR accounts are automatically disabled when the password expires after not being changed for 90 days. SOAR users should receive notifications about password expiration prior to this taking place.

cmorris · 05-15-2024

You will have to open a support case. You can find existing labels and whether or not there is an existing parser for them here - https://cloud.google.com/chronicle/docs/ingestion/parser-list/supported-default-parsers.

cmorris · 04-23-2024

The GCP community is here - https://www.googlecloudcommunity.com/gc/Google-Cloud/ct-p/google-cloud

My Stats

cmorris's Bio

Badges cmorris Earned

Recent Activity

Re: PULSE_SECURE_VPN parser

Re: Help! Looking for Video Tutorial on Writing Parsers from Scratch in Google Chronicle

Re: What are the triggers that automatic disable SOAR accounts?

Re: Ingesting custom log data to Chronicle SIEM - Not existing Log Source and Log type

Re: Verification in progress