I need to close alerts in SecOps when alerts are closed in our internal case management system. Currently, I’ve used update_alert.py method mentioned in the Blog by
The error I’m running into indicates “Chronicle API has not been used in project xyz before or it is disabled. Enable it by visiting https://console.developers.google.com/apis/api/chronicle.googleapis.com/overview?project=xyz then retry. If you enabled this API recently, wait a few minutes for the action to propagate to our systems and retry.”
I also, do see the option to update alert is greyed out in the UI. I’m unable to enable Chronicle API by following the link mentioned in the error, any suggestions on how to enable this functionality would be appreciated.
