
Occasionally, we are experiencing an issue where a case is not created even though an alert is detected by a rule.
When we contact support about this issue, we are usually told to update the Google Chronicle connector to the latest version. Updating often resolves the issue, but is it possible to create some kind of system that will automatically update when the latest version is released?
If automatic updates are difficult, we would like to create a system that will notify us when an update is available.
We look forward to your response.
Best regards


It’ll most likely take a job in SOAR to automate the system you’ve described.

For pre-migration to the Chronicle API there is a SOAR API endpoint for just this action -

/api/external/v1/connectors/update-from-ide

It takes a Connector instance ID and will update the instance to the latest definition from the updated integration.

For post-migration it looks like there’s similar functionality described here - https://cloud.google.com/chronicle/docs/reference/rest/v1alpha/projects.locations.instances.integrations.connectors.connectorInstances


Hey @keiS ,

Thanks for sharing your feedback. We have had plans for this kind of job for quite some time. I will see with the internal team what can be done. We are a little bit sensitive about doing a forced upgrade, but at least having a notification would definitely go a long way.


Thank you for your reply.
I can't think of a specific method, so I'd like to know which SOAR function you think could be used to implement this.
I look forward to your reply.


Thank you for your reply.
I'm glad that you'll consider this internally.
I don't think there will be any problems if we can send notifications, so I would appreciate your consideration.


@keiS we’ve done something similar for updating marketplace integrations using a SecOps scheduled job. It basically follows 3 steps:

  1. Get all of the integrations that we have installed: /api/external/v1/integrations/GetInstalledIntegrations
  2. Get the details of the integrations and compare the installed version to the latest version on the marketplace: /api/external/v1/store/GetIntegrationFullDetails
  3. If the version is outdated, update the integration: /api/external/v1/store/DownloadAndInstallIntegrationFromLocalStore

I’m assuming you could set up similar functionality for the connectors and then run them on a daily basis through the scheduled jobs functionality. 
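A SOAR-job-style implementation of the check described above, added here as an example rather than code from the thread or from the platform itself: the endpoint paths are the ones named in the post, while the AppKey header, the list-of-{identifier, version} response and the {identifier} request / latestVersion response shapes are assumptions to adjust to the real payloads. The comparison logic is kept separate from the HTTP calls so it can be tested offline, and it reports rather than force-updates, matching the notification-first preference in the thread.

```python
# Added example, not code from the thread or from Google SecOps / SOAR.
# ASSUMED (not on the page): API key in an "AppKey" header; the installed
# call returns a list of {"identifier", "version"} objects; the details call
# is a POST taking {"identifier": ...} and returning {"latestVersion": ...}.
import json
import re
import urllib.request

INSTALLED = "/api/external/v1/integrations/GetInstalledIntegrations"
DETAILS = "/api/external/v1/store/GetIntegrationFullDetails"


def parse_version(text):
    """'v2.3.1' -> (2, 3, 1); tolerates a leading 'v', missing or empty parts."""
    parts = re.findall(r"\d+", str(text))
    return tuple(int(p) for p in parts) or (0,)


def find_outdated(installed, latest_lookup):
    """Return [(identifier, installed_version, latest_version)] for every
    integration whose marketplace version is newer than the installed one.
    latest_lookup(identifier) returns a version string, or None when the
    integration is not in the store (e.g. a custom one), which is skipped."""
    outdated = []
    for item in installed:
        ident = item["identifier"]
        latest = latest_lookup(ident)
        if latest is None:
            continue
        if parse_version(latest) > parse_version(item["version"]):
            outdated.append((ident, str(item["version"]), str(latest)))
    return outdated


def notification_text(outdated):
    """One line per outdated integration; empty string when everything is current."""
    return "\n".join(f"{i}: installed {a}, latest {b}" for i, a, b in outdated)


def _call(base_url, api_key, path, body=None):
    data = json.dumps(body).encode() if body is not None else None
    req = urllib.request.Request(
        base_url + path, data=data, method="POST" if data else "GET",
        headers={"AppKey": api_key, "Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)


def check_platform(base_url, api_key):
    """Scheduled-job entry point: fetch, compare, return the text to notify with."""
    installed = _call(base_url, api_key, INSTALLED)
    lookup = lambda ident: _call(base_url, api_key, DETAILS, {"identifier": ident}).get("latestVersion")
    return notification_text(find_outdated(installed, lookup))
```

In a daily scheduled job, an empty return from check_platform means nothing to do; a non-empty one is the message to send (for example by email or to a case), and the same outdated list could feed the DownloadAndInstallIntegrationFromLocalStore step if automatic updates are wanted.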

