Console

View the original SIEM data in a case

Supported in:

Google SecOps SOAR

To view the original SIEM data in a case, complete the following steps:

Drill down to the required case.
Click the Overview tab. The Overview tab shows you the alerts, their timeline, extracted entities, and insights that were collected by automation.

View the original event that generated the alerts

To view the original event that generated the alerts, complete the following steps:

Go to the Events tab.
Click View More. A side drawer opens with all the details associated with the event.

Need more help? Get answers from Community members and Google SecOps professionals.

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025-04-22 UTC.