This repository contains correlation rules, search queries, dashboards, and playbooks for Google SecOps (Chronicle) designed specifically to work with Rubrik Security Cloud (RSC) event data and APIs.

For detailed installation instructions, please refer to the component-specific guides:
- SIEM Content (Dashboards, Correlation Rules, Search Queries): See SIEM/README.md
- SOAR Content (Playbooks & Blocks): See SOAR/README.md

Comprehensive documentation is available for each component:

| Component | Documentation | User Guide |
|---|---|---|
| SIEM | SIEM README | SIEM User Guide (PDF) |
| SOAR | SOAR README | SOAR User Guide (PDF) |

If you run into any challenges with this project that are not properly documented or are unclear, please raise an issue and let us know! This is a fun, safe environment, so don't worry if you're a GitHub newbie! ❤️

We gladly welcome contributions from the community. From updating the documentation to adding more functions, all ideas are welcome. Thank you in advance for all of your issues, pull requests, and comments! ⭐