
Hi Team,

For the past week, we’ve noticed that there haven’t been any alerts or results related to Mandiant Threat Intelligence in Google Chronicle, particularly for IOC matches.

We’ve seen that the credentials provided are working, but we haven't received any successful results during this time. When reviewing past IOC alerts and matching them with recent logs, we did find a couple of IOCs that meet the criteria. However, these results are not being flagged under the IOC alerts section as expected.

Could anyone advise on how to verify the integration or troubleshoot this issue within Chronicle? We’re looking for ways to ensure that the IOC feed is properly integrated and that it’s actively generating the necessary alerts and logs.

Thanks in advance for your help!

Thanks,

DN

DN - Have you worked with Chronicle support at all on this issue? I would recommend opening a case there to have them run through any troubleshooting they can do in this area.



There is a selector in the IOC Matches view to show all matches or just prioritized alerts. If that doesn't do it, please open a support case, so we can investigate. 


Thanks, folks. We’ll create a support case with the Google team.

Thanks,

Dnyaneshwar

