I have problems with my playbook, it does not generate cases with the alerts and yesterday it generated them automatically which is simple, the playbok is triggered when it matches any rule yara-l is activated through mail v2, this is configured correctly, the problem is that I do not receive emails nor are cases generated I am currently ingesting data correctly and this alert has continued to be generated but not the emails sent The playbooks have not been modified I attach evidence of the aforementioned
Page 1 / 1
The last email received was yesterday, March 4, below shows that today there were detections but no cases were generated
The SMTP service is correctly working and running, a test of this configuration was carried out
I hope someone can guide me to know what is happening, I would appreciate it.
Hey Erik! This would be better suited for the Secops SOAR forum instead! https://www.googlecloudcommunity.com/gc/SecOps-SOAR/bd-p/chronicle-soar
Reply
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.