Google Security Command Center
With the ilert Google Security Command Center integration, you can create alerts in ilert based on Google Security Command Center findings.
(c) 2011 - 2024 ilert GmbH
Go to Alert sources --> Alert sources and click on Create new alert source.
Search for Google Security Command Center in the search field, click on the Google Security Command Center tile and click on Next.
Give your alert source a name, optionally assign teams and click Next.
Select an escalation policy by creating a new one or assigning an existing one.
Select your alert grouping preference and click Continue setup. You may click Do not group alerts for now and change it later.
The next page shows additional settings such as custom alert templates or notification priority. Click on Finish setup for now.
On the final page, an API key and / or webhook URL will be generated that you will need later in this guide.
Enable finding notifications for Pub/Sub with the following guide: https://cloud.google.com/security-command-center/docs/how-to-notifications#create-notification-config
Create the following example function in Google Cloud Functions. Make sure to replace [WEBHOOK_URL] with the webhook URL generated in the alert source setup above.
Deploy the Google Cloud Function by running the following command in the terminal:
gcloud functions deploy WebhookPubSub --runtime go116 --trigger-topic YOUR_PUBSUB_TOPIC
Replace YOUR_PUBSUB_TOPIC with the actual Pub/Sub topic name that you want the Cloud Function to be triggered by.
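A sketch of the forwarding function the steps above refer to, as an added example and not ilert's published code. It assumes the Pub/Sub message data is posted to the webhook unchanged, and it reads the URL from a hypothetical ILERT_WEBHOOK_URL environment variable instead of hard-coding [WEBHOOK_URL], because the URL carries the API key.

```go
// Added example, not ilert's code. To deploy, use a non-main package and drop main().
package main

import (
	"bytes"
	"context"
	"errors"
	"fmt"
	"net/http"
	"net/http/httptest"
	"os"
	"time"
)

// PubSubMessage is the Pub/Sub event; Data holds the SCC notification JSON.
type PubSubMessage struct{ Data []byte `json:"data"` }

// WebhookPubSub is the deployed entry point; ILERT_WEBHOOK_URL is an assumed variable name.
func WebhookPubSub(ctx context.Context, m PubSubMessage) error {
	return forward(ctx, os.Getenv("ILERT_WEBHOOK_URL"), m.Data)
}

// forward POSTs the notification unchanged; its errors never contain the URL.
func forward(ctx context.Context, url string, body []byte) error {
	if url == "" || len(body) == 0 {
		return errors.New("missing webhook URL or empty message")
	}
	req, err := http.NewRequestWithContext(ctx, http.MethodPost, url, bytes.NewReader(body))
	if err != nil {
		return errors.New("invalid webhook URL") // the parse error would quote the URL
	}
	req.Header.Set("Content-Type", "application/json")
	resp, err := (&http.Client{Timeout: 10 * time.Second}).Do(req)
	if err != nil { // Do returns *url.Error, which quotes the URL: keep only the cause
		return fmt.Errorf("post to ilert: %w", errors.Unwrap(err))
	}
	defer resp.Body.Close()
	if resp.StatusCode/100 != 2 {
		return fmt.Errorf("ilert returned HTTP %d", resp.StatusCode)
	}
	return nil
}

func main() { // local dry run: throwaway server, constructed finding
	srv := httptest.NewServer(http.HandlerFunc(func(http.ResponseWriter, *http.Request) {}))
	defer srv.Close()
	fmt.Println(forward(context.Background(), srv.URL, []byte(`{"finding":{"state":"ACTIVE"}}`)))
}
```

Because this version reads the URL from the environment, pass it at deploy time, for example with gcloud's --set-env-vars flag.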
Will alerts in ilert be resolved automatically?
Yes, as soon as the state of an alert in Google Security Command Center is RESOLVED, the associated alert in ilert is resolved.