Skip to main content
Question

Chronicle SecOps SIEM and SOAR

  • September 18, 2025
  • 1 reply
  • 43 views
Dharma289
Forum|alt.badge.img

We’ve recently purchased SecOps SOAR capabilities while the SecOps SIEM is in place for more than 2 years. 

We have custom rules and also the alerting is available. But no cases are being created in SOAR. 

I could see the Google Chronicle is configured. Would lile to know if I’m missing something here, since I’m new to SOAR and SecOps SOAR as well.

1 reply

_K_O
Forum|alt.badge.img+12
  • _K_OBronze 5
  • Bronze 5
  • September 18, 2025

Hi ​@Dharma289, this should be automatically set up but if it’s not, I highly recommend reaching out to your CSE as this is something that they should have helped you set up initially. 

 

If you want to confirm that the connector is running, head over to the ingestion settings within the SOAR settings page: https://cloud.google.com/chronicle/docs/soar/marketplace-integrations/google-chronicle#chronicle-alerts-connector

Terms & ConditionsCookie settingsAccessibility statement
Privacy Policy Terms of Service Gen AI Policy Community Guidelines Cookie Settings

© 2025 Google. All rights reserved.