Google SecOps SIEM
Announcement
Release 6.3.73 is being rolled out to the first phase of regions as listed here.
This release contains the following changes:
Announcement
Integration Rollback
This Integration Rollback feature is now in General Availability (GA).
Rollback is not supported for integrations built for Python 2.7 or 3.7. To perform a rollback, a snapshot must have been created during the previous upgrade process. For more information, see Roll back response integration version.
Feature
Structured SOAR Python integration logs
Python integration logging has been upgraded to a structured format to eliminate visibility gaps and ensure comprehensive diagnostic coverage in Google Cloud.
This upgrade changes how Python logs are interpreted in the GCP Cloud Logging Explorer. Previously, logs were bundled into a single block per execution. Now, every log line is interpreted as a separate entry, allowing for granular filtering, better searchability, and easier debugging of specific events.
Recommended Actions:
- Update Log-Based Alerts: Ensure alerts triggered by string matches are compatible with individual log entries rather than bundled blocks.
- Review Automation Scripts: Test any external scripts or BigQuery exports that parse textPayload against the new granular format.
- Verify Dashboards: Custom monitoring dashboards may show an increase in event counts as executions are no longer bundled.
For more information, see Collect SOAR logs.
Google SecOps SOAR
Announcement
Release 6.3.73 is being rolled out to the first phase of regions as listed here.
This release contains the following changes:
Announcement
Integration Rollback
This Integration Rollback feature is now in General Availability (GA).
Rollback is not supported for integrations built for Python 2.7 or 3.7. To perform a rollback, a snapshot must have been created during the previous upgrade process. For more information, see Roll back response integration version.
Feature
Structured SOAR Python integration logs
Python integration logging has been upgraded to a structured format to eliminate visibility gaps and ensure comprehensive diagnostic coverage in Google Cloud.
This upgrade changes how Python logs are interpreted in the GCP Cloud Logging Explorer. Previously, logs were bundled into a single block per execution. Now, every log line is interpreted as a separate entry, allowing for granular filtering, better searchability, and easier debugging of specific events.
Recommended Actions:
- Update Log-Based Alerts: Ensure alerts triggered by string matches are compatible with individual log entries rather than bundled blocks.
- Review Automation Scripts: Test any external scripts or BigQuery exports that parse textPayload against the new granular format.
- Verify Dashboards: Custom monitoring dashboards may show an increase in event counts as executions are no longer bundled.
For more information, see Collect SOAR logs.
Source: Google Cloud Platform
Latest Posts
- Durable Objects, Workers – New `us` jurisdiction for Durable Objects
- (Updated) Upcoming change: disabling Teams meeting recording expiration notification emails [MC1245635]
- (Updated) Extending AI in SharePoint using custom skills [MC1269209]
- Microsoft OneNote: Multimodal recording in Copilot Notebooks on Windows [MC1405506]
