Reports are useful for justifying Return on Investment (ROI) to upper
management and to achieve transparency and accountability to customers and
colleagues.
Google Security Operations provides analysts with four predefined reports and the
option to create new ones. You can also export and import reports to other
platforms.
The predefined reports are:
Management – Soc Status
Management – Closed Cases
Tier 1 – Open Cases
ROI – Analysts Benchmark
Generate a report
Go to Dashboards & Reports > SOAR Reports.
Click Generate under the Generate Report column.
In the Generate report dialog, select the Environments,
Time Frame, and File type (PDF or Word).
Click Download.
Schedule a report
Select the required report.
Select the Scheduler tab, and click
add
Add.
In the New Schedule dialog that appears, click the Enable
toggle to turn on the Scheduler, and enter the relevant information.
Click Save.
Add a new report
Click
add
Add new template.
In the New report template dialog that appears, enter a relevant
name, and select a Category from the menu.
Click Create.
The report appears in the list of reports.
Edit a report
Select the required report from the list of reports.
Select the Edit tab.
Click
add
Add
and choose one of the following formats: Editor, Pie Chart,
Table, or Vertical Bar.
A dialog appears based on the selected format. For this example,
select Pie Chart.
Enter the relevant information. Note that selecting Alerts
or Cases affects the options in the other fields. In this
example, we created a report based on alerts coming from products
where the case was closed as malicious, and the root cause was an external
attack.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-29 UTC."],[[["\u003cp\u003eSOAR reports in Google Security Operations help demonstrate ROI and provide transparency to management, customers, and colleagues.\u003c/p\u003e\n"],["\u003cp\u003eGoogle Security Operations provides four predefined reports: Soc Status, Closed Cases, Open Cases, and Analysts Benchmark.\u003c/p\u003e\n"],["\u003cp\u003eReports can be generated on demand, exported, imported, and scheduled for regular delivery.\u003c/p\u003e\n"],["\u003cp\u003eUsers have the ability to create new reports and modify existing reports, using various formats, such as tables, pie charts, and vertical bars.\u003c/p\u003e\n"]]],[],null,["# Understand SOAR Reports\n=======================\n\nSupported in: \nGoogle secops [SOAR](/chronicle/docs/secops/google-secops-soar-toc) \n\nReports are useful for justifying Return on Investment (ROI) to upper\nmanagement and to achieve transparency and accountability to customers and\ncolleagues.\n\n\nGoogle Security Operations provides analysts with four predefined reports and the\noption to create new ones. You can also export and import reports to other\nplatforms.\n\nThe predefined reports are:\n\n- **Management -- Soc Status**\n- **Management -- Closed Cases**\n- **Tier 1 -- Open Cases**\n- **ROI -- Analysts Benchmark**\n\n\nGenerate a report\n-----------------\n\n1. Go to **Dashboards \\& Reports \\\u003e SOAR Reports.**\n2. Click **Generate** under the **Generate Report** column.\n3. In the **Generate report** dialog, select the **Environments** , **Time Frame** , and **File type** (PDF or Word).\n4. Click **Download** . \n\nSchedule a report\n-----------------\n\n1. Select the required report.\n2. Select the **Scheduler** tab, and click add **Add** . \n3. In the **New Schedule** dialog that appears, click the **Enable** toggle to turn on the Scheduler, and enter the relevant information.\n4. Click **Save**.\n\nAdd a new report\n----------------\n\n1. Click add **Add new template**.\n2. In the **New report template** dialog that appears, enter a relevant name, and select a **Category** from the menu.\n3. Click **Create**.\n\nThe report appears in the list of reports.\n\nEdit a report\n-------------\n\n1. Select the required report from the list of reports.\n2. Select the **Edit** tab. \n3. Click add **Add** and choose one of the following formats: **Editor** , **Pie Chart** , **Table** , or **Vertical Bar** . A dialog appears based on the selected format. For this example, select **Pie Chart**.\n4. Enter the relevant information. Note that selecting **Alerts** or **Cases** affects the options in the other fields. In this example, we created a report based on alerts coming from products where the case was closed as malicious, and the root cause was an external attack.\n[](/static/chronicle/images/soar/understandingreports8.png)\n5. Click **Save**.\n\n\u003cbr /\u003e\n\n**Need more help?** [Get answers from Community members and Google SecOps professionals.](https://security.googlecloudcommunity.com/google-security-operations-2)"]]
