Hi All,
I want access the metrics available in Big Query which are ingested by Chronicle SIEM using Python. Can any one help on same.
Thanks
How to access chronicle data in Big Query
+1
+6- Bronze 1
Typically we'd use the chronicle_cli to grant a user Big Query access . Here are instructions.
+10If you do not have the BQ API keys for your Chronicle data set, please open a support case for it. Once you have the BQ API key, you will be able to query the data set programmatically.
For the chronicle_cli, you also need a set of API keys, so if you do not have those also ask for them.
+1If you do not have the BQ API keys for your Chronicle data set, please open a support case for it. Once you have the BQ API key, you will be able to query the data set programmatically.
For the chronicle_cli, you also need a set of API keys, so if you do not have those also ask for them.
Any sample code would be really helpful
+10Any sample code would be really helpful
Chronicle does not have any specific sample code to query the data set; however, BigQuery does offer plenty of sample code. Here it's an example on how to set up the connection with a service account (API key):
https://cloud.google.com/bigquery/docs/authentication/service-account-file
The data set is read-only.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.