Table of Contents
Below you'll find a table of contents for the Custom Dashboards journey.
Custom dashboard allow SecOps teams and team members to prioritize the informational views and data they see. This allows organizations, teams, and individuals to customize their interaction with SecOps to their role. Custom dashboards are not a requirement for product use, but greatly enhance the user experience. Dashboards should be tailored to the role of the user, and modified as workflows change.
Prerequisites
Entitlement for SecOps SIEM on the account and project.
Actions
Import/Export Dashboard
Dashboards can be imported and exported to allow for sharing between users and teams.
Show More Prerequisites
See the Relevant Links section for more documentation regarding the prerequisites.
A dashboard file to Import
A dashboard created to Export
Steps
In Chronicle UI, click Dashboards
Click Menu next to the dasboard that you want to export.
Select Export from the list, the Export dashboard dialog box will appear.
Click Export
In Chronicle UI, click Dashboards
Click Add, next to personal or shared dashboards, then select Import dashboard.
Select a dashboard file, then click Confirm.
Click Import
Relevant Links
Prerequisites
See the Relevant Links section for more documentation regarding the prerequisites.
A dashboard file to Import
A dashboard created to Export
Steps
In Chronicle UI, click Dashboards
Click Menu next to the dasboard that you want to export.
Select Export from the list, the Export dashboard dialog box will appear.
Click Export
In Chronicle UI, click Dashboards
Click Add, next to personal or shared dashboards, then select Import dashboard.
Select a dashboard file, then click Confirm.
Click Import
Relevant Links
All Steps: https://cloud.google.com/chronicle/docs/reports/import-export-dashboards
Create Custom Dashboard
Custom Dashboards are a great way to provide specific insights into the data. You add tiles to the dashboard that display the visualizations, text, or buttons necessary for the context in which you are monitoring or responding to.
Show More Prerequisites
See the Relevant Links section for more documentation regarding the prerequisites.
Administrative Access to SecOps SIEM
Steps
In the Chronicle UI, click Dashboards.
Under Personal Dashboards or Shared Dashboards, click Add > Create New.
Click Edit Dashboard, then give it a name.
Add a tile (or multiple tiles) to the dashboard. | Docs
Create a new blank tile
Duplicate an existing tile
Edit an existing tile
Click Save.
Relevant Links
Prerequisites
See the Relevant Links section for more documentation regarding the prerequisites.
Administrative Access to SecOps SIEM
Steps
In the Chronicle UI, click Dashboards.
Under Personal Dashboards or Shared Dashboards, click Add > Create New.
Click Edit Dashboard, then give it a name.
Add a tile (or multiple tiles) to the dashboard. | Docs
Create a new blank tile
Duplicate an existing tile
Edit an existing tile
Click Save.
Relevant Links
All Steps: https://cloud.google.com/chronicle/docs/reports/create-custom-dashboard
4: https://cloud.google.com/chronicle/docs/reports/create-custom-dashboard#add-tile
Schedule Reports
Having a report scheduled to run at a specific time can be a great way to keep up with the data that is important to you and your organization.
Show More Prerequisites
See the Relevant Links section for more documentation regarding the prerequisites.
Administrative access or editor rights inside of SecOps are necessary to schedule reports.
Steps
In the Chronicle UI, click Dashboards & Reports > SIEM Dashboards.
Note: If you're just a SIEM customer, just click Dashboards.
From the list of default and personal dashboards, select the dashboard for which you want to schedule report delivery.
Click the 3 vertical ellipses from the top right of the page and select Schedule Delivery.
In the Schedule Delivery dialog, fill out the following details in the Settings tab:
Name
Recurrence Day/Data and Time
Email addresses for recipients (comma seppparated)
In the Format list, select the CSV, PDF, or PNG file to format for the report.
On the Filters tab, specify the time period for the report
Click the Time field and select the filter conditions
Add more time filters by clicking the Add icon
On the Advanced options tab, select the paginate options for the email"
Click Save
Relevant Links
Prerequisites
See the Relevant Links section for more documentation regarding the prerequisites.
Administrative access or editor rights inside of SecOps are necessary to schedule reports.
Steps
In the Chronicle UI, click Dashboards & Reports > SIEM Dashboards.
Note: If you're just a SIEM customer, just click Dashboards.
From the list of default and personal dashboards, select the dashboard for which you want to schedule report delivery.
Click the 3 vertical ellipses from the top right of the page and select Schedule Delivery.
In the Schedule Delivery dialog, fill out the following details in the Settings tab:
Name
Recurrence Day/Data and Time
Email addresses for recipients (comma seppparated)
In the Format list, select the CSV, PDF, or PNG file to format for the report.
On the Filters tab, specify the time period for the report
Click the Time field and select the filter conditions
Add more time filters by clicking the Add icon
On the Advanced options tab, select the paginate options for the email"
Click Save
Relevant Links
Prerequisites: https://cloud.google.com/chronicle/docs/reports/schedule-reports#control_access_to_scheduling_dashboard_reports
All Steps: https://cloud.google.com/chronicle/docs/reports/schedule-reports#create_a_new_schedule_for_report_delivery