Stealthwatch

Integration version: 7.0

Configure Stealthwatch integration in Google Security Operations

For detailed instructions on how to configure an integration in Google SecOps, see Configure integrations.

Actions

Ping

Description

Test Connectivity.

Parameters

N/A

Use cases

N/A

Run On

This action runs on all entities.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result

Script Result Name	Value Options	Example
success	True/False	success:False

JSON Result

N/A

Search Events

Description

Get a hosts security events for a given time frame.

Parameters

Parameter	Type	Default Value	Description
Time Frame	String	N/A	Time frame in hours.

Use cases

N/A

Run On

This action runs on the IP Address entity.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result

Script Result Name	Value Options	Example
success	True/False	success:False

JSON Result

N/A

Search Flows

Description

Get flows by the IP address for a given time frame.

Parameters

Parameter	Type	Default Value	Description
Time Frame	String	N/A	Time frame in hours(e.g: 3).
Limit	String	N/A	The limit of the received flow.

Use cases

N/A

Run On

This action runs on the IP Address entity.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result

Script Result Name	Value Options	Example
success	True/False	success:False

JSON Result

N/A

Need more help? Get answers from Community members and Google SecOps professionals.