Hi SIEM searchers!

SIEM does not yet have a means to share selected columns for a SIEM search.

I can share a link of a SIEM search (or use Search Manager to share a search), and my teammate will see the syntax of the search, the time span, and the results of the search... but they do not see the column view I defined for my view of these search results. Instead they see whichever column view they used last.

Anytime I meet with a Google person I remind them that this is a big deal, particularly for MSSP adoption: it's vital that the same set of tools is rolled out to each analyst so each analysis is done consistently to a high level of service. Instead a lot of time is taken socializing the best column views and making sure every analyst is using the same ones.

On the other hand, perhaps one of our community members has something that can ease the pain of sharing columns?

 

Does your teammate have the same permissions as you?


Thx for the reply

Yes, even with the same permissions SIEM does not yet have sharing of column sets as a functionality.

(Unless it's a preview feature that's not in my instance yet)
