
Chronicle SIEM is the foundation of your SecOps platform. The SIEM aggregates incoming data in the form of logs, alerts, and raw data, enriches it with additional context, normalizes it, and then indexes it for rapid search.

This provides the platform for security event correlation, which can then be enhanced through various Google threat-intelligence feeds, security tools, and SecOps SOAR, which provides simple orchestration and automation for security response in the form of customizable playbooks.

The first step in adopting your Google SecOps platform is this onboarding journey.

Journey


Actions

In the SecOps SIEM Journey, you will navigate through four main implementation tasks:

  1. Onboarding
  2. Data Ingest
  3. Rules
  4. Custom Dashboards


Next Steps: Security Operations SIEM: Step 1 - OnBoarding
