Stealthwatch

Integration version: 7.0

Configure Stealthwatch integration in Google Security Operations

For detailed instructions on how to configure an integration in Google SecOps, see Configure integrations.

Actions

Ping

Description

Test Connectivity.

Parameters

N/A

Use cases

N/A

Run On

This action runs on all entities.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result
Script Result Name Value Options Example
success True/False success:False
JSON Result
N/A

Search Events

Description

Get a hosts security events for a given time frame.

Parameters

Parameter Type Default Value Description
Time Frame String N/A Time frame in hours.

Use cases

N/A

Run On

This action runs on the IP Address entity.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result
Script Result Name Value Options Example
success True/False success:False
JSON Result
N/A

Search Flows

Description

Get flows by the IP address for a given time frame.

Parameters

Parameter Type Default Value Description
Time Frame String N/A Time frame in hours(e.g: 3).
Limit String N/A The limit of the received flow.

Use cases

N/A

Run On

This action runs on the IP Address entity.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result
Script Result Name Value Options Example
success True/False success:False
JSON Result
N/A

Need more help? Get answers from Community members and Google SecOps professionals.