
Hi All,


Building a native dashboard to quickly assess entity context and associated detection activity across the environment.

Would like to write a query to retrieve the enriched data of a particular entity (say a domain name or an IP), such as first_seen_time, etc., and map all related security detections for that specified domain.


Thanks in advance

Would also like to know if the cases that the entity was part of can be retrieved.