Writing jobs
The Jobs Scheduler page contains default Google Security Operations jobs, as well as jobs that are created in the IDE and are essentially scripts that can be scheduled to run periodically.
The following predefined jobs are available:
| Option | Description |
|---|---|
| Actions Monitor | Notifies if a specific action has failed at least 3 times, across all cases it was performed in (to a predefined email, as set in the Siemplify integration configuration in the Google Security Operations Marketplace.) |
| Connectors Monitor | Notifies regarding any Connectors error in the alert ingestion process |
| Machine Resource Utilization | Notifies if the machine
resource utilization is close to full usage, according to the following
default rules: CPU – over 90% MEM – over 85% Drive – over 80% |
| ETL | Notifies regarding any error in the ETL alert ingestion process |
| Jobs Monitor | Notifies if a specific job has failed at least 3 times (sends a notification for each specific job once every 3 hours) |
Configure a new job
- First, create the job in the IDE. Refer to Using the IDE for more details.
- In the left navigation, navigate to Response > Jobs Scheduler. The Jobs Scheduler page is displayed.
- Select add Create new job.
- Select the job you created in the IDE and click Save.
- Enter the scheduler information for when the script should run.
- Make sure to click Save.
- You can also choose to run the script immediately by clicking Run Now.