AiStrike Documentation

Google SecOps / Chronicle

Generate an API key for Google SecOps / Chronicle SOAR using a service account and assign it the appropriate permissions so AiStrike can access SOAR data.

Step 1: Create a service account

  1. Log in to your Chronicle SOAR instance as an Administrator.

  2. Go to Settings → Users & Roles → Service Accounts.

  3. Click + Create Service Account.

  4. Enter a name (aistrike_service_account) and description (e.g. "Service account to allow AiStrike platform access to SOAR data").

  5. Click Create.

  6. In the Permission Group dropdown, select Collaborator and click Save.

Step 2: Generate an API key

  1. Go to Settings → Users & Roles → API Keys.

  2. Click + Generate API Key.

  3. Enter a name (aistrike_api_key), select the aistrike_service_account service account, and set an expiration per your security policy (e.g. 1 year, or No expiration if you rotate keys manually).

  4. Click Create Key.

  5. Copy and securely store the API key — it's only visible once.

Create a collaborator user (SOAR standalone customers only)

  1. Go to Settings > Organization > User Management.

  2. Click Add.

  3. In the Add User dialog, set License Type to Collaborator, choose Collaborator (or a custom collaborator group) as the Permission Group, and under SOC Roles add Administrator (or Tier3 if Administrator isn't possible).

  4. Click Add.

Required details for integration

Field

Value / Description

Base URL

https://<your-tenant>.chronicle.security

API Key

The aistrike_api_key generated above

Service Account Name

aistrike_service_account

Permission Group

Collaborator

API Key Expiry

As per your policy

Send the integration details securely to AiStrike and connect with your Success Team for next steps.