Skip to main content
Question

Nozomi Logs getting ingested even though connection is successful in Nozomi Console

  • November 27, 2025
  • 3 replies
  • 65 views
Aravind3
Forum|alt.badge.img+8

Hi Team,

 

I’m reaching out regarding an issue with our Nozomi Guardian integration in Google SecOps. Even though the connection shows as successful in the Nozomi Console, we are not seeing any logs being ingested into Chronicle, even under UDM log type.

 

We have given URI as “https://malachiteingestion-pa.googleapis.com” and Customer ID. We downloaded the service account from collection agents console and the connections shows successful in Nozomi console but logs are not getting into Google SecOps. Please let us know if anyone able to find what the issue is here.

 

This is the documentation we followed: https://technicaldocs.nozominetworks.com/products/n2os/topics/administration/settings/data-integration/c_n2os_admin_settings_data-integration_google-chronicle-2.html

 

Thanks in advance!

 

3 replies

Eoved
Forum|alt.badge.img+8
  • EovedBronze 2
  • Bronze 2
  • December 1, 2025

From my experience with similar API connection issues, I recommend checking the Regional Endpoints for your SecOps. You mentioned you’re using https://malachiteingestion-pa.googleapis.com. It’s possible that your SecOps instance is based in a different region. (You can verify this in the URL shown in the GUI.)
For example, if you’re located in London, you should use:
https://europe-west2-malachiteingestion-pa.googleapis.com
You can find the full list here:
https://docs.cloud.google.com/chronicle/docs/reference/ingestion-api#regional_endpoints

Hope this helps!

Aravind3
Forum|alt.badge.img+8
  • Aravind3Bronze 2
  • Author
  • Bronze 2
  • December 1, 2025

Hi,
Thank you for the response,

The connection was working with the endpoint “https://malachiteingestion-pa.googleapis.com” but it suddenly stopped for some reason and post that we downloaded the service account auth file from collection agents console and tried adding that in Nozomi. The connection is successful but not logs are being ingested. I am wondering if the SA, from collections agents, doesn’t have enough permissions for these integrations.

K
Forum|alt.badge.img+1
  • KarthikTech
  • New Member
  • January 16, 2026

Hi ​@Aravind3 

Has the issue been resolved on your end? We are encountering the same problem in our environment. It would be helpful if you could share the steps or approach you followed to resolve it.

If anyone has faced a similar issue, please share your experience or the steps taken to fix it. Your support would be greatly appreciated.

 

Thanks in advance.

Terms & ConditionsCookie settingsAccessibility statement
Privacy Policy Terms of Service Gen AI Policy Community Guidelines Cookie Settings

© 2025 Google. All rights reserved.