Hi,

I’m trying to see if I can get a list of all the curated detections I’ve created so far. I’d like to review the types of alerts I have so I can write custom rules that aren’t built-in.

I tried searching for them in the SIEM search, but since the detections aren’t part of the events themselves, I couldn’t locate them. Additionally, the alerts on cases were turned off until now, so I couldn’t find them in the SOAR search either.

Could you please help me with this?

Thank you!

Hi @Naama12,


You can view the actual Curated Detection by clicking on the rule pack in the Curated Detections homepage and then clicking on "Most Active Rules". This will redirect you to the detections view for that given rule. You will see the UDM events that triggered the detection there. I am attaching a screenshot as reference.



Additionally, you can also use the legacy rules API "listcuratedruledetections" endpoint to pull the detections for a given curated rule.


https://cloud.google.com/chronicle/docs/reference/detection-engine-api#listcuratedruledetections


Hi Rene, thank you for your reply!
In the "Most Active Rules" section, I can only see the rules from the last 30 days, and I'm trying to view all the detections.
What I want to do is to see what rules I already have from the "curated rules" so I won't have to write them manually.
So I've tried to write a query that can show only the names of the rules, but I can't do it because they are not inside the event, so SIEM search isn't relevant, nor is the SOAR search, because the alerts weren't on and therefore the detections are not generated.

thank you so much!


@Naama12 there is a plan to open the curated rules for customers to review; please reach out to your account CE or CS team to get more info. For now, it's not opened, which means you can see all the rules, unless you use the API below to get all the rules info:

https://cloud.google.com/chronicle/docs/reference/rest/v1alpha/projects.locations.instances.curatedRules/list
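As an added example, not code from this thread or from Google, here is a small Python script that walks a paginated list endpoint such as the curatedRules one linked above and collects the rule ids and display names into a reviewable list. The request path (`/v1alpha/{parent}/curatedRules`), the parent resource format (`projects/.../locations/.../instances/...`), the response fields `curatedRules`, `name`, `displayName` and `nextPageToken`, and bearer-token authentication are my reading of the linked reference and are assumptions, not something the thread confirms. The two sample pages are constructed so the pagination logic can be exercised offline; the same loop works for the legacy `listcuratedruledetections` endpoint from the earlier reply, which also returns a `nextPageToken`.

```python
"""Walk a paginated Chronicle list endpoint and summarise curated rules.

Example code added to this thread; endpoint and field names are assumptions
based on the curatedRules.list reference, not verified against a live tenant.
"""
import json
import urllib.parse
import urllib.request
from typing import Callable, Dict, Iterator, List, Optional

# A page fetcher takes a page token (None for the first page) and returns
# the decoded JSON body of one list response.
PageFetcher = Callable[[Optional[str]], Dict]


def iter_curated_rules(fetch_page: PageFetcher) -> Iterator[Dict]:
    """Yield every rule object across all pages, following nextPageToken."""
    token: Optional[str] = None
    seen_tokens = set()
    while True:
        page = fetch_page(token)
        for rule in page.get("curatedRules", []):
            yield rule
        token = page.get("nextPageToken")
        if not token:
            return
        # Defensive check: a misbehaving endpoint that repeats a token would
        # otherwise make this loop run forever.
        if token in seen_tokens:
            raise RuntimeError(f"pagination token repeated: {token!r}")
        seen_tokens.add(token)


def summarize_rules(fetch_page: PageFetcher) -> List[Dict[str, str]]:
    """Reduce each rule to the short id (last path segment) and display name."""
    summary = []
    for rule in iter_curated_rules(fetch_page):
        full_name = rule.get("name", "")
        summary.append(
            {
                "id": full_name.rsplit("/", 1)[-1],
                "display_name": rule.get("displayName", ""),
            }
        )
    return summary


def make_http_fetcher(
    parent: str,
    bearer_token: str,
    page_size: int = 100,
    host: str = "chronicle.googleapis.com",  # assumed API host
) -> PageFetcher:
    """Build a fetcher that calls the real v1alpha endpoint (assumed shape).

    parent is e.g. "projects/<project>/locations/<location>/instances/<id>";
    bearer_token is an OAuth2 access token for the caller's service account.
    """

    def fetch(page_token: Optional[str]) -> Dict:
        url = f"https://{host}/v1alpha/{parent}/curatedRules?pageSize={page_size}"
        if page_token:
            url += "&pageToken=" + urllib.parse.quote(page_token, safe="")
        req = urllib.request.Request(
            url, headers={"Authorization": f"Bearer {bearer_token}"}
        )
        with urllib.request.urlopen(req) as resp:  # nosec: fixed https host
            return json.load(resp)

    return fetch


# Constructed sample pages (not real rule ids) to exercise the loop offline.
_PARENT = "projects/example-project/locations/us/instances/example-instance"
CONSTRUCTED_PAGES: Dict[Optional[str], Dict] = {
    None: {
        "curatedRules": [
            {"name": f"{_PARENT}/curatedRules/ur_rule_a", "displayName": "Sample Rule A"},
            {"name": f"{_PARENT}/curatedRules/ur_rule_b", "displayName": "Sample Rule B"},
        ],
        "nextPageToken": "page-2",
    },
    "page-2": {
        "curatedRules": [
            {"name": f"{_PARENT}/curatedRules/ur_rule_c", "displayName": "Sample Rule C"},
        ]
        # no nextPageToken: last page
    },
}


def constructed_fetcher(page_token: Optional[str]) -> Dict:
    """Offline stand-in for make_http_fetcher that serves the sample pages."""
    return CONSTRUCTED_PAGES[page_token]


if __name__ == "__main__":
    # Swap constructed_fetcher for make_http_fetcher(parent, token) to run live.
    for entry in summarize_rules(constructed_fetcher):
        print(f"{entry['id']:<16} {entry['display_name']}")
```

To run against a real instance, obtain an access token for a service account with the Chronicle API scope (for example via `gcloud auth print-access-token` with an impersonated account) and pass it with the instance's parent path to `make_http_fetcher`; the printed list is the inventory of curated rule names you can compare against rules you are considering writing yourself.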


