# Google Security Command Center

Connect [Google Security Command Center](https://docs.ilert.com/integrations/inbound-integrations/google-security-command-center) to ilert to transport security findings, like misconfigurations or suspicious activity, as technical alerts to on-call personnel. This ensures immediate awareness, structured escalation, and a centralized view of security-related events for responders.

## In ilert: Create a Google Security Command Center alert source

1. Go to **Alert sources** --> **Alert sources** and click on **Create new alert source**.

   <figure><img src="https://3394882078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M76ygPnS4HUcFSX8ulm%2Fuploads%2FjX0cS4q7woTXKajZmc1W%2FScreenshot%202023-08-28%20at%2010.21.10.png?alt=media&#x26;token=8ef3666b-84eb-4b51-abee-f07303313941" alt=""><figcaption></figcaption></figure>
2. Search for **Google Security Command Center** in the search field, click on the Google Security Command Center tile and click on **Next**.

   <figure><img src="https://3394882078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M76ygPnS4HUcFSX8ulm%2Fuploads%2FlXzQlJpaTFSR49AZk0xA%2FScreenshot%202023-08-28%20at%2010.24.23.png?alt=media&#x26;token=cffeacb4-57b9-47d4-827d-b0f6b1afd914" alt=""><figcaption></figcaption></figure>
3. Give your alert source a name, optionally assign teams and click **Next**.
4. Select an **escalation policy** by creating a new one or assigning an existing one.

   <figure><img src="https://3394882078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M76ygPnS4HUcFSX8ulm%2Fuploads%2FNnuZqONaIhbOf6fn4OkZ%2FScreenshot%202023-08-28%20at%2011.37.47.png?alt=media&#x26;token=8a74f7b5-5bd2-4eea-97fa-1c1dbb041333" alt=""><figcaption></figcaption></figure>
5. Select your [Alert grouping](https://docs.ilert.com/alerting/configure-alerting/alert-sources#alert-grouping) preference and click **Continue setup**. You may click **Do not group alerts** for now and change it later.

   <figure><img src="https://3394882078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M76ygPnS4HUcFSX8ulm%2Fuploads%2FueugN4JgHn1c90ggFA6u%2FScreenshot%202023-08-28%20at%2011.38.24.png?alt=media&#x26;token=b8009daf-3ca8-4264-a6fa-e42ef7333205" alt=""><figcaption></figcaption></figure>
6. The next page shows additional settings such as custom alert templates or notification priority. Click on **Finish setup** for now.
7. On the final page, an API key and / or webhook URL will be generated that you will need later in this guide.

   <figure><img src="https://3394882078-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M76ygPnS4HUcFSX8ulm%2Fuploads%2Fi3TIOBvNYBQfDtNpmm0A%2FScreenshot%202023-08-28%20at%2011.47.34.png?alt=media&#x26;token=6cae965a-e448-4443-8c20-37cf501c43b2" alt=""><figcaption></figcaption></figure>

## In Google Security Command Center: Sending notifications via Google Cloud Functions

1. Enable finding notifications for Pub/Sub with the following guide: <https://cloud.google.com/security-command-center/docs/how-to-notifications#create-notification-config>
2. Create the following example function in Google Cloud Functions. Make sure to replace `[WEBHOOK_URL]` with the URL generated in [this step](#in-ilert-create-google-security-command-center-alert-source).

{% tabs %}
{% tab title="Go" %}

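```go
// Package p holds the Cloud Function; any package name other than main works.
package p

import (
	"context"
	"fmt"
	"log"
	"net/http"

	"github.com/go-resty/resty/v2"
)

// PubSubMessage is the Pub/Sub event payload; Data carries the finding notification.
type PubSubMessage struct {
	Data []byte `json:"data"`
}

// WebhookPubSub forwards each notification to ilert. It returns an error so
// that a failed delivery is reported as a failed function execution.
func WebhookPubSub(ctx context.Context, m PubSubMessage) error {

	// Send the webhook request with the Pub/Sub message as the content
	webhookURL := "[WEBHOOK_URL]"

	client := resty.New()
	resp, err := client.R().
		SetHeader("Content-Type", "application/json").
		SetBody(m.Data).
		Post(webhookURL)
	if err != nil {
		log.Printf("Error creating webhook request: %v", err)
		return err
	}

	// Check the webhook response
	if resp.StatusCode() != http.StatusAccepted {
		log.Printf("Webhook request failed with status code: %d", resp.StatusCode())
		return fmt.Errorf("webhook request failed with status code: %d", resp.StatusCode())
	}
	return nil
}
```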

{% endtab %}
{% endtabs %}

3. Deploy the Google Cloud Function by running the following command in the terminal:

   ```
   gcloud functions deploy WebhookPubSub --runtime go116 --trigger-topic YOUR_PUBSUB_TOPIC
   ```

   Replace `YOUR_PUBSUB_TOPIC` with the actual Pub/Sub topic name that you want the Cloud Function to be triggered by.
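
The function above presents nothing but the webhook URL to ilert, so the URL acts as the credential, and errors from Go's HTTP client quote the full request URL. The following added example (not ilert's code) is a standard-library forwarder that returns an error on anything other than 202 and strips the URL from errors before they can reach the function's logs; `Forward`, `TryAgainstStub`, `SampleKey` and the sample payload are hypothetical names and constructed values, and a local stub stands in for the ilert endpoint.

```go
package main

import (
	"bytes"
	"context"
	"errors"
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/url"
)

const SampleKey = "constructed-integration-key" // constructed; stands in for the key part of the webhook URL
const SampleNotification = `{"finding":{"category":"PUBLIC_BUCKET_ACL","state":"ACTIVE"}}` // constructed payload

// Forward posts data to webhookURL; it fails unless the answer is 202 and never puts the URL in an error.
func Forward(ctx context.Context, c *http.Client, webhookURL string, data []byte) error {
	req, err := http.NewRequestWithContext(ctx, http.MethodPost, webhookURL, bytes.NewReader(data))
	if err != nil {
		return errors.New("webhook URL could not be parsed") // err itself quotes the URL, so drop it
	}
	req.Header.Set("Content-Type", "application/json")
	resp, err := c.Do(req)
	if err != nil {
		var ue *url.Error
		if errors.As(err, &ue) {
			err = ue.Err // keep the cause, drop the wrapper whose message embeds the URL
		}
		return fmt.Errorf("webhook request failed: %w", err)
	}
	defer resp.Body.Close()
	if resp.StatusCode != http.StatusAccepted {
		return fmt.Errorf("webhook returned status %d", resp.StatusCode)
	}
	return nil
}

// TryAgainstStub calls Forward on a local stand-in for the webhook; up=false stops the stub first.
func TryAgainstStub(status int, up bool) error {
	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.WriteHeader(status) }))
	defer srv.Close()
	if !up {
		srv.Close()
	}
	return Forward(context.Background(), srv.Client(), srv.URL+"/"+SampleKey, []byte(SampleNotification))
}

func main() {
	fmt.Println(TryAgainstStub(202, true), TryAgainstStub(500, true), TryAgainstStub(202, false))
}
```

Inside the Cloud Function, `WebhookPubSub` would return `Forward(ctx, http.DefaultClient, webhookURL, m.Data)` and log only the returned error.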

## FAQ <a href="#faq" id="faq"></a>

**Will alerts in ilert be resolved automatically?**

Yes, as soon as the state of an alert in Google Security Command Center is `RESOLVED`, the associated alert in ilert is resolved.
