---
# Alert policy templates for the google-cloud-chronicle integration.
# Each entry carries a stable `id`, a human-readable `description`, an
# integer template `version`, and the integration/platform pair it relates
# to. All six entries relate to `chronicle_security` on `GCP`; the two
# ingestion-quota templates are at version 2, the rest at version 1.
alert_policy_templates:
  # A single silent forwarder, selected by the collector_id filter.
  - id: silent-forwarder
    description: >-
      sample policy to detect a single silent Chronicle forwarder using
      collector_id filter
    version: 1
    related_integrations:
      - id: chronicle_security
        platform: GCP

  # Forwarder buffer pressure: mean buffer used above 1% over one hour,
  # restricted to input type pcap and buffer type memory.
  - id: forwarder-buffer-usage-more-than-threshold-with-filters
    description: >-
      sample policy to detect forwarder mean buffer used is more than 1% over
      a 1 hour window for input type pcap and buffer type memory
    version: 1
    related_integrations:
      - id: chronicle_security
        platform: GCP

  # Every silent forwarder/logtype pair, with a few logtypes excluded.
  - id: all-silent-forwarder-logtype-combinations-except-few-logtypes
    description: >-
      sample policy to detect all silent Chronicle forwarder and logtype
      combinations except few logtypes
    version: 1
    related_integrations:
      - id: chronicle_security
        platform: GCP

  # Every silent forwarder/logtype pair, no exclusions.
  - id: all-silent-forwarder-logtype-combinations
    description: >-
      sample policy to detect all silent Chronicle forwarder and logtype
      combinations
    version: 1
    related_integrations:
      - id: chronicle_security
        platform: GCP

  # Early warning before ingestion is throttled by quota.
  - id: ingestion-quota-limit-approaching
    description: >-
      sample policy to detect if ingestion is approaching quota limit
    version: 2
    related_integrations:
      - id: chronicle_security
        platform: GCP

  # Ingestion requests already being rejected for lack of quota; a
  # visibility gap for downstream detection until quota is raised.
  - id: ingestion-quota-rejects
    description: >-
      sample policy to detect if ingestion requests are being rejected due to
      insufficient ingestion quota
    version: 2
    related_integrations:
      - id: chronicle_security
        platform: GCP