
How to Use Chronicle For Asset Management

  • November 12, 2024
  • 4 replies
  • 22 views


We have a use case to build an asset management inventory, where we can manage the devices from a centralized dashboard.

We are already ingesting multiple log types into SecOps (Chronicle SIEM). But how can we use these log types for asset management?

Any doc or suggestion will be helpful.

4 replies

  • Bronze 2
  • November 12, 2024

Chronicle is best for threat detection and log management; however, there is always a workaround. Now the question is - how are you currently doing it? Through a third-party tool or somewhere in a spreadsheet? Also, do you have a SOAR solution in place?


  • Author
  • New Member
  • November 12, 2024

Yes, we have a SOAR in place, and it is not via spreadsheet; we are planning to fetch the content via API and display it in a webpage.


ionutm
Staff
  • Staff
  • November 12, 2024

As someone mentioned above, SecOps is not built for Asset Management purposes.

There are native Dashboards on Data Ingestion and Health that can help you understand what log sources are sending logs into SecOps, but all of these Dashboards would not help you with a comprehensive understanding of your Assets.


dnehoda
Staff
  • Staff
  • November 12, 2024

As someone mentioned above, SecOps is not built for Asset Management purposes.

There are native Dashboards on Data Ingestion and Health that can help you understand what log sources are sending logs into SecOps, but all of these Dashboards would not help you with a comprehensive understanding of your Assets.


To add on here - how would you track or define an asset?
IP, hostname, domain, user?

There’s such an ever-changing list of items, but I suppose you could create a dashboard in the native dashboard, but what would be your log source of truth? There would be a lot of overlap across technologies.