This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question
samryanturner
Bronze 5
Bronze 5
Since ‎01-15-2024
Monday

My Stats

  • 18 Posts
  • 1 Solutions
  • 10 Likes given
  • 5 Likes received

samryanturner's Bio

Badges samryanturner Earned

View all badges

Recent Activity

Dynamic List Filtering - Google SecOps SIEM Connector

4 weeks ago
Has anyone successfully filtered on key/values being NULL with the dynamic list on the ingestion connector?Use case, I want to route all Google SecOps SIEM alerts to one SOAR environment if a specific key/value doesn't exist whatsoever in a rule meta...

Ontology Mapping - Microsoft Defender 365

07-24-2024
Has anyone had any luck configuring their event mappings in SOAR for this integration?Seems every single event type could relate to a different named incident from Defender which makes this rather painful.With documentation thin on both sides (unders...

case_free_search explanation

03-19-2024
Hey All!Can someone explain what the 'case_ids_free_search' parameter is used for here? - https://cloud.google.com/chronicle/docs/soar/reference/siemplify-module#get_cases_by_filter My use case is to get all cases closed in the last x minutes that ha...

Closed Case Search

02-05-2024
I'm currently using the below to get all closed cases within our SOAR platform - https://cloud.google.com/chronicle/docs/soar/reference/siemplify-module#get_cases_ids_by_filter This code below is returning "Action failed as JSON result exceeded maxim...

Case Closure Reason

01-15-2024
Has anyone managed to successfully extract 'Case Closure Reason' within a playbook? It's required for some branching logic and it doesn't seem to be listed in the example data of 'Get Case Data' action.
Likes from