Console

Service Health

This page provides status information on the services that are part of Google Cloud. Check back here to view the current status of the services listed below. If you are experiencing an issue not listed here, please contact Support. Learn more about what's posted on the dashboard in this FAQ. For additional information on these services, please visit https://cloud.google.com/.

Incident affecting Chronicle Security

We are experiencing an issue with Chronicle Security

Incident began at 2025-01-08 09:36 and ended at 2025-01-08 11:43 (all times are US/Pacific).

Previously affected location(s)

Tokyo (asia-northeast1)Mumbai (asia-south1)Singapore (asia-southeast1)Sydney (australia-southeast1)Multi-region: europeTurin (europe-west12)London (europe-west2)Frankfurt (europe-west3)Zurich (europe-west6)Paris (europe-west9)Doha (me-central1)Dammam (me-central2)Tel Aviv (me-west1)Toronto (northamerica-northeast2)São Paulo (southamerica-east1)

Date Time Description
8 Jan 2025 13:06 PST

Mini Incident Report

We apologize for the inconvenience this service disruption/outage may have caused. We would like to provide some information about this incident below. Please note, this information is based on our best knowledge at the time of posting and is subject to change as our investigation continues. If you have experienced impact outside of what is listed below, please reach out to Google Cloud Support using https://cloud.google.com/support.

(All Times US/Pacific)

Incident Start: 3 January 2025 12:14

Incident End: 8 January 2025 11:08

Duration: 5 days, 10 hours, 55 minutes

Affected Services and Features:

Google SecOps (Chronicle Security) - SOAR Permissions

Regions/Zones: europe, europe-west12, europe-west2, europe-west3, europe-west6, europe-west9, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, me-central1, me-central2, me-west1, northamerica-northeast2, southamerica-east1

Description:

Google SecOps (Chronicle Security) experienced an increase in permission errors for non-admin users accessing SOAR cases. From preliminary analysis, the issue was due to a software defect introduced by a recent service update that had been rolled out to non-US regions.

The issue was fully mitigated once the affected service update was rolled back, restoring service for all affected users.

Customer Impact:

  • When a non-admin user attempted to access the SOAR cases view, they received a 403 error.
8 Jan 2025 11:43 PST

The issue with Chronicle Security has been resolved for all affected users as of Wednesday, 2025-01-08 11:06 US/Pacific.

We thank you for your patience while we worked on resolving the issue.
8 Jan 2025 10:55 PST

Summary: We are experiencing an issue with Chronicle Security

Description: Mitigation work is currently underway by our engineering team.

The mitigation is expected to complete by Wednesday, 2025-01-08 11:17 US/Pacific.

We will provide more information by Wednesday, 2025-01-08 12:00 US/Pacific.

Diagnosis: Some non-admin users are facing an issue where they receive a 403 Forbidden when logging in to Cases view.

Workaround: None at this time.
8 Jan 2025 10:50 PST

Summary: We are experiencing an issue with Chronicle Security.

Description: Mitigation work is currently underway by our engineering team.

The mitigation is expected to complete by Wednesday, 2025-01-08 11:17 US/Pacific.

We will provide more information by Wednesday, 2025-01-08 12:00 US/Pacific.

Diagnosis: Some non-admin users are facing an issue where they receive a 403 Forbidden when logging in to Cases view.

Workaround: None at this time.