We are covering a lot of ground today, as we take a look at risk score, conditional logic and mathematical operators, all of which can be added to the outcome section of a YARA-L rules in Chronicle SIEM.

While we are applying the concepts of conditional logic and mathematical operations to a risk score today, it's important to understand that conditional logic (if then else statements) and mathematical operators are not limited to calculating risk score. Risk score is considered a special variable as its value is carried into alert queues and are available to analysts and playbooks.

Follow along in the video below to see how conditional logic and mathematical operators can be used to create a risk score within the outcome section of a YARA-L rule.

Remember that conditional logic can be used throughout outcomes, not just in the risk score. The syntax is straightforward; if <field> operator <value>, then x, else y. Mathematical operators include addition, subtraction, multiplication, division and modulus and can be used throughout the outcome section. There are some additional uses for mathematical operators beyond what we covered today that we will circle back to in time.

Check out these additional resources with more information and learning opportunities:

• New to Chronicle blog series
• Chronicle Learning Path on Google Cloud Skills Boost
• Chronicle documentation
• Google Cloud Security Community Events