[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[[["\u003cp\u003eStealthwatch is now known as Cisco Secure Network Analytics following its acquisition by Cisco.\u003c/p\u003e\n"],["\u003cp\u003eThe Stealthwatch integration in Google Security Operations SOAR includes actions for testing connectivity, searching events, and searching flows.\u003c/p\u003e\n"],["\u003cp\u003eThe "Ping" action is used to test connectivity and can be run on all entities, with no required parameters or specific use cases.\u003c/p\u003e\n"],["\u003cp\u003eBoth the "Search Events" and "Search Flows" actions operate on the IP Address entity, requiring a time frame parameter, and returning a success status as a script result.\u003c/p\u003e\n"],["\u003cp\u003eDetailed configuration instructions for Stealthwatch integration in Google Security Operations SOAR are available in the "Configure integrations" documentation.\u003c/p\u003e\n"]]],[],null,["# Stealthwatch\n============\n\nIntegration version: 7.0\n| **Important:** Stealthwatch was acquired by Cisco and became Cisco Secure Network Analytics.\n\nConfigure Stealthwatch integration in Google Security Operations\n----------------------------------------------------------------\n\nFor detailed instructions on how to configure an integration in\nGoogle SecOps, see [Configure\nintegrations](/chronicle/docs/soar/respond/integrations-setup/configure-integrations).\n\nActions\n-------\n\n### Ping\n\n#### Description\n\nTest Connectivity.\n\n#### Parameters\n\nN/A\n\n#### Use cases\n\nN/A\n\n#### Run On\n\nThis action runs on all entities.\n\n#### Action Results\n\n##### Entity Enrichment\n\nN/A\n\n##### Insights\n\nN/A\n\n##### Script Result\n\n##### JSON Result\n\n N/A\n\n### Search Events\n\n#### Description\n\nGet a hosts security events for a given time frame.\n\n#### Parameters\n\n#### Use cases\n\nN/A\n\n#### Run On\n\nThis action runs on the IP Address entity.\n\n#### Action Results\n\n##### Entity Enrichment\n\nN/A\n\n##### Insights\n\nN/A\n\n##### Script Result\n\n##### JSON Result\n\n N/A\n\n### Search Flows\n\n#### Description\n\nGet flows by the IP address for a given time frame.\n\n#### Parameters\n\n#### Use cases\n\nN/A\n\n#### Run On\n\nThis action runs on the IP Address entity.\n\n#### Action Results\n\n##### Entity Enrichment\n\nN/A\n\n##### Insights\n\nN/A\n\n##### Script Result\n\n##### JSON Result\n\n N/A\n\n**Need more help?** [Get answers from Community members and Google SecOps professionals.](https://security.googlecloudcommunity.com/google-security-operations-2)"]]
