Back to feed
GCP·Google SecOps SIEMfeature·
AI Insights

Upgraded Chronicle API

Upgraded Chronicle API

We've upgraded the following Chronicle API resources from v1 beta to v1. This upgrade signals API stability and functional completeness, enabling customer and partner adoption for production usage. We recommend that customers and partners use Chronicle API for all new integrations, for a more robust, secure, and extensible experience. Learn more about API Stability.

The following features and resources are included in this update:

• Alerts and ATIs, UEBA: Threat Collection, IoC, CoverageDetail, EntityRisk • Dashboards: NativeDashboard, DashboardChart, DashboardQuery, FeaturedContentNativeDashboard • Data Tables: DataTable, DataTableRow, DataTableOperationError • Ingestion: Logs, Feed, LogTypeSchema, FeedSourceSchema, FeedPack, Forwarder • Normalization: Logtype, Parser, IngestionLogLabel • Detections: FindingsRefinement, VerifyRuleText, FeaturedContentRule, RuleExecutionError • Search & Investigation: Event, Entity, SearchQuery, SavedColumnSet • Exports: BigQueryExportService • Enrichment Controls: EnrichmentControl, EnrichmentCombination

For a full list of updated resources and links to the documentation, please see the Chronicle API documentation.

Read original announcement

More from Google SecOps SIEM

UDM fields now show whether data is enriched or notJun 9, 2026Google SecOps has updated the list of supported default parsers.May 31, 2026Standard parser support policyMay 27, 2026The logType field in the enhanced Data Export API is deprecated in favor of the new (optional)includeLogTypes field,...May 18, 2026