
search id for udm and raw_log search

  • September 7, 2024


Hi Community, I have two questions/doubts.

1. Is there any way to pull the search ID for every user search on Chronicle (Google SecOps) SIEM?

If yes, how do we pull the search ID for the udm and raw_log searches?

2. Can we get MD5/Hash() function details for user searches (data access logs (GCP cloudaudit))?

Please assist me with this.

@rafaelramirez  @cmorris 

Best regards,

Emmie

1 reply

cmorris
Staff
  • September 9, 2024

Information around audit logging, to include search, can be found here - https://cloud.google.com/chronicle/docs/administration/audit-logging