Hi
Can someone suggest how I can integrate Cisco NDR with Chronicle?
Hi - if you are referring to Cisco Stealthwatch, there is a supported Google SecOps parser, recently updated. See: https://cloud.google.com/chronicle/docs/ingestion/parser-list/cisco-stealthwatch-changelog. Suggest you configure a regular Syslog feed into SecOps, use the CEF format, and ensure you are setting the ingestion label to CISCO_STEALTHWATCH and see how you do. If you're talking about the SOAR side of SecOps, there's also support for that: https://cloud.google.com/chronicle/docs/soar/marketplace-integrations/stealthwatch
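A pre-flight check for the CEF-over-syslog setup suggested in the reply above, added here as an example (it is not part of the reply and is not Google or Cisco code). It validates the standard CEF header and extension layout before lines are sent to the feed; the vendor, product and field values in the samples are constructed placeholders, not real Stealthwatch output.

```python
import re

HEADER = ("version", "device_vendor", "device_product", "device_version",
          "signature_id", "name", "severity")
SEVERITY_WORDS = {"Unknown", "Low", "Medium", "High", "Very-High"}

def parse_cef(line):
    """Parse one syslog line carrying a CEF record; raise ValueError if malformed."""
    start = line.find("CEF:")
    if start == -1:
        raise ValueError("no CEF: marker")
    # Split on unescaped pipes: 7 header fields, then the extension (may contain pipes).
    parts = re.split(r"(?<!\\)\|", line[start + 4:], maxsplit=7)
    if len(parts) != 8:
        raise ValueError("expected 7 header fields and an extension")
    rec = {k: re.sub(r"\\([|\\])", r"\1", v) for k, v in zip(HEADER, parts)}
    # Extension: key=value pairs; values may hold spaces and escaped '=' (\=).
    ext, keys = parts[7], list(re.finditer(r"(?:^|\s)(\w+)=", parts[7]))
    rec["extension"] = {}
    for i, m in enumerate(keys):
        end = keys[i + 1].start() if i + 1 < len(keys) else len(ext)
        rec["extension"][m.group(1)] = re.sub(r"\\([=\\])", r"\1", ext[m.end():end].strip())
    return rec

def problems(line):
    """Return a list of reasons the line would not be a well-formed CEF record."""
    try:
        rec = parse_cef(line)
    except ValueError as exc:
        return [str(exc)]
    found = []
    if not rec["version"].isdigit():
        found.append("CEF version is not numeric")
    if not rec["device_vendor"] or not rec["device_product"]:
        found.append("empty device vendor or product")
    sev = rec["severity"]
    if not (sev in SEVERITY_WORDS or (sev.isdigit() and 0 <= int(sev) <= 10)):
        found.append("severity outside 0-10 or the CEF keywords")
    return found

# Constructed sample lines (placeholder vendor/product, not real Stealthwatch output).
GOOD = ("<134>Jan 01 00:00:00 collector CEF:0|ExampleVendor|ExampleNDR|1.0|100|"
        "Port scan \\| sweep|7|src=192.0.2.10 dst=198.51.100.5 msg=ratio a\\=b exceeded")
BAD = "<134>Jan 01 00:00:00 collector CEF:0|ExampleVendor|ExampleNDR|1.0|100|Port scan"

if __name__ == "__main__":
    for sample in (GOOD, BAD):
        print(problems(sample) or "ok")
```

Running it over a capture of what the collector actually emits shows whether truncated or non-CEF lines are reaching the forwarder before the parser ever sees them.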