Google Chronicle

By Chronicle Security
Explore, analyze and visualize Chronicle data in Looker.

Version: v4.6.1

Category: Blocks

ETL Providers: Google BigQuery Export

SQL Dialects: Google BigQuery

Overview

Install this block for free by importing the project(s) from the GitHub repository linked at the top of the listing.

Why use the Chronicle Security Looker Block?

  • Rapid Time To Value - Gain insights from your Chronicle data in minutes, not hours. The Chronicle Security Block includes pre-built dashboards and content focusing on Data Ingestion Status and Health, context for Rule Detections, IOC matches and Alert prioritization, User Sign-ins, Asset Lookups, and Domain Lookups. This data is also organized into various Explorer views to enable ad hoc querying and exploration of the Chronicle data.

  • Centralized Place for Analysis - No need to play the swivel chair game and go between different consoles: you can do self-service reporting for Chronicle data right here in Looker. Plus, you can combine your Chronicle data with other security and non-security data in your warehouse for end-to-end analysis.

  • Democratization of Data - Security analysts, managers and executives can easily build their own dashboards, and any user is equipped to ask and answer their own questions and to save and share their own reports.

Prerequisites

  • This block works with Chronicle datasets in Google BigQuery.
  • The BigQuery Export feature must be enabled for your Chronicle tenant. Reach out to your Chronicle representative to set this up.


© 2021 Looker Data Sciences, Inc.