From 7e5cbc5fb5bc4f3b03fe5da590ce575d9f7d56f8 Mon Sep 17 00:00:00 2001
From: Shourabh Payal
Date: Sat, 5 Aug 2023 09:20:22 +0000
Subject: [PATCH] add related integration field for chronicle sample alert policies
---
 alerts/google-cloud-chronicle/metadata.yaml | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/alerts/google-cloud-chronicle/metadata.yaml b/alerts/google-cloud-chronicle/metadata.yaml
index 75d5bada7d..2b019aa752 100644
--- a/alerts/google-cloud-chronicle/metadata.yaml
+++ b/alerts/google-cloud-chronicle/metadata.yaml
@@ -3,15 +3,27 @@ alert_policy_templates:
 id: silent-forwarder
 description: "sample policy to detect a single silent Chronicle forwarder using collector_id filter"
 version: 1
+ related_integrations:
+ - id: chronicle_security
+ platform: GCP
 -
 id: forwarder-buffer-usage-more-than-threshold-with-filters
 description: "sample policy to detect forwarder mean buffer used is more than 1% over a 1 hour window for input type pcap and buffer type memory"
 version: 1
+ related_integrations:
+ - id: chronicle_security
+ platform: GCP
 -
 id: all-silent-forwarder-logtype-combinations-except-few-logtypes
 description: "sample policy to detect all silent Chronicle forwarder and logtype combinations except few logtypes"
 version: 1
+ related_integrations:
+ - id: chronicle_security
+ platform: GCP
 -
 id: all-silent-forwarder-logtype-combinations
 description: "sample policy to detect all silent Chronicle forwarder and logtype combinations"
- version: 1
\ No newline at end of file
+ version: 1
+ related_integrations:
+ - id: chronicle_security
+ platform: GCP
\ No newline at end of file
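Review bot: The new last line of metadata.yaml, `platform: GCP`, still ends the file without a trailing newline (the hunk closes with `\ No newline at end of file` on the new side), so the next entry appended here will again show a spurious change on that line; end the file with a single newline. The four added `related_integrations` blocks all point at `id: chronicle_security`, and nothing visible in this patch shows where that id is defined. It is worth confirming the value matches an existing integration entry exactly, since a mismatched id would presumably parse cleanly and just leave these Chronicle forwarder alert policies unlinked from the integration.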