The Google Chronicle Detections CDF for ThreatQ enables the automatic ingestion of detections into the ThreatQ platform in the form of Events. The integration allows you to ingest all of your detections and automatically extract indicators such as IP addresses, domains, and URLs from the detection events and entities. You can also submit via specifying a list of rule IDs.

The integration provides the following feed:

• Google Chronicle Detections - ingests Google Chronicle Detections in the form of ThreatQ events.

The integration ingests the following system objects:

• Assets
• Events
• Indicators