
Hello Team,

Greetings.

I’m creating a Google SecOps onboarding document for new clients who are getting onboarded to SecOps SIEM and SOAR. One section of the document outlines core features and limitations of key SecOps functions. Could you please help me identify and clearly explain the current limitations or gaps for the SecOps features?

If there is any document I can easily refer to, that will be very helpful.

  • Entity Graph
  • Multi-Stage Rules
  • Metrics
  • Risk Scoring
  • Risk Analytics
  • Native Dashboarding
  • Composite Rule
  • Reference Lists (Search, String (Plain Text), String (Integers), RegEx, CIDR)
  • Data Tables

Thanks in advance.

@jstoner @dnehoda @raybrian 

@NASEEF 

We don't have a single place to show all the limits / gaps, but this is the page showing the service limits: https://cloud.google.com/chronicle/docs/reference/service-limits

For each service you listed, I tried to put the documents, and maybe you can try to search with the keyword "limit" in the Chronicle docs site like this -> https://cloud.google.com/s/results/chronicle/docs?q=entity%20graph%20limit


Trying to put something for you below, please review: 



https://cloud.google.com/chronicle/docs/detection/composite-detections#limitations


