Hello All,
Could anyone please let me know how can we enable the dashboard in the below link?
https://github.com/goog-cmmartin/thatsiemguy/blob/main/release_notes_to_udm/dashboard/chronicle_release_notes.yaml
I tried running the below code but doesn't seems to be pushing logs with the changes to be made in the python code. Please find the below code.
https://github.com/goog-cmmartin/thatsiemguy/blob/main/release_notes_to_udm/cloud_function/main.py
Did you define the secrets like CHRONICLE_CUSTOMER_ID, SERVICE_ACCOUNT_FILE etc in the python file? What's the error you are getting?
You can test if the Cloud Function is sending logs by checking the logs on the Cloud Function itself, or else you could try a RLS, or UDM Search, e.g.,
metadata.product_name = "Chronicle SIEM Release Notes"
The other thing is as release notes aren't pushed that often, for testing you can change the env VALID_EVENTS_RANGE value to a larger interval, i.e., make sure its larger enough to capture a latest release note.
Did you define the secrets like CHRONICLE_CUSTOMER_ID, SERVICE_ACCOUNT_FILE etc in the python file? What's the error you are getting?
except the GCP project i've given everything there is no error it is running but i can't see logs getting pushed. Is it nesecary to give GCP project?
Ive tried fetching details from last 3 months. But no logs are getting saved. Please find the below snip.
And what would be the log type?
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.