After Google Support has removed Google Security Operations SOAR from your setup, we recommend you look through the following checklist and make the appropriate changes.
Delete remote agents.
Remove any API keys and accounts created for use with Google SecOps SOAR integrations.
Close any ports opened in the firewall for the Google SecOps SOAR platform or remote agents.
Remove SAML provider configurations created for use with Google SecOps SOAR.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-03-06 UTC."],[[["This document is relevant only for users of the standalone SOAR platform following its removal."],["It's recommended to delete remote agents after Google Support has removed the SOAR instance from your setup."],["Any API keys, accounts, and SAML provider configurations related to Google SecOps SOAR should be removed."],["Firewall ports opened for the Google SecOps SOAR platform or remote agents should be closed."]]],[]]
