Hi,
Is there a way to automatically group multiple alerts from the same user—especially when individual tickets already exist for similar alerts—so that new alerts can be referenced or linked to an existing Jira ticket instead of creating separate ones each time?
Groupping multiple alerts
+7- Bronze 3
+4- Bronze 3
There is a config for grouping alerts in the SOAR. You can find the detailed information here:
https://cloud.google.com/chronicle/docs/soar/investigate/working-with-alerts/alert-grouping-mechanism-admin
If you want to work with bundled alerts, you're going to want to do that in the SOAR side. It will provide the capability, plus you could automate your tickets into Jira and have them already grouped.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.