To narrow down the detection data sent from OneView, use the search parameters available in Google Chronicle SIEM to filter for exactly the information you need.
To search for OneView data in the Google Chronicle SIEM platform:
- Go to Investigation > SIEM Search.
- Enter the following string into the search field:
  metadata.vendor_name = "Malwarebytes" and metadata.log_type = "MALWAREBYTES_EDR"
- Select the desired date parameter.
- Click Run Search.
- Click the Events tab.

The data ingested from OneView is displayed using the Unified Data Model in Google Chronicle SIEM.