Skip to main content

Google Gemini

Download With Dependencies

Leverage Google's advanced AI models for intelligent analysis, content generation, and conversational capabilities in your workflows.

Google Gemini Pack

In today's rapidly evolving threat landscape, security teams need intelligent analysis capabilities to process large volumes of data, generate insights, and accelerate incident response. The Google Gemini pack brings Google's advanced AI models directly into your XSOAR workflows, enabling natural language processing, content analysis, and intelligent automation for security operations.

What does this pack do?

This pack provides the following capabilities:

  • Intelligent Text Analysis: Process and analyze security data, logs, and incident details using Google's advanced language models
  • Natural Language Queries: Ask questions about security events and get contextual responses in plain language
  • Content Generation: Generate summaries, reports, and documentation based on incident data and investigation findings
  • Conversational AI: Maintain conversation context across multiple interactions for complex analysis workflows
  • Flexible Model Selection: Choose from multiple Gemini models including the latest Gemini 2.0 Flash for optimal performance
  • Configurable Parameters: Fine-tune AI responses with temperature, top-p, top-k, and token limit controls

This pack contains the GoogleGemini integration that connects to Google's Generative AI API, allowing you to incorporate powerful language model capabilities into your security automation and investigation processes. The integration supports both Google AI Studio (API key) and Google Cloud Vertex AI (service account) authentication.

Before You Start

Requirements

  • Cortex XSOAR version 6.10.0 or later
  • One of the following authentication methods:
    • A Google AI Studio API key with access to the Generative Language API.
    • A Google Cloud service account with the Vertex AI User role.
  • Network connectivity to https://generativelanguage.googleapis.com (AI Studio) or https://aiplatform.googleapis.com (Vertex AI).

Option A: Get Your AI Studio API Key

  1. Go to Google AI Studio.
  2. Create a new API key or use an existing one.
  3. Ensure the key has access to the Generative Language API.

Option B: Set up Your Vertex AI Service Account

  1. In the Google Cloud console, go to IAM & Admin > Service Accounts.
  2. Create a service account with the Vertex AI User role (roles/aiplatform.user).
  3. Generate a JSON key and download it.
  4. Ensure the Vertex AI API is enabled in your project.

Configuration

  1. In Cortex XSOAR, navigate to Settings > Integrations.
  2. Search for Google Gemini and add a new instance.
  3. Set the Authentication Type to either AI Studio API Key or Vertex AI Service Account.
  4. Configure the following parameters:

Common Parameters:

  • Model: The Gemini model to use for the integration, or a custom model name.
  • Max Tokens: The maximum response length (default: 1024).
  • Temperature: (Optional) The degree of randomness in the responses (0.0-2.0).
  • Top P: (Optional) The nucleus sampling parameter.
  • Top K: (Optional) The top-k sampling parameter.

AI Studio Parameters:

  • API Key: Your Google AI API key.

Vertex AI Parameters:

  • Service Account Key (JSON): The full JSON key contents for your service account.
  • Project ID: Your Google Cloud Project ID.
  • Location: The Google Cloud location (for example, us-central1. Default is global).

Integration Usage

Basic

Use the google-gemini-send-message command to send prompts to the AI model:

!google-gemini-send-message prompt="Analyze this suspicious email and identify potential IOCs"

With Conversation History

Maintain context across multiple exchanges:

!google-gemini-send-message prompt="What are the next investigation steps?" history='[{"role":"user","parts":[{"text":"Previous question"}]},{"role":"model","parts":[{"text":"Previous response"}]}]'

With Automatic Conversation Management

Enable conversation history management to automatically maintain context:

!google-gemini-send-message prompt="Analyze this alert" save_conversation=true

When save_conversation is enabled, the integration automatically:

  • Retrieves previous conversation context from ${GoogleGemini.Chat.History}
  • Includes the last exchange (user + model response) for context
  • Saves the complete updated conversation history for future use

Integration Commands

  • google-gemini-send-message: Send a prompt to Google Gemini and receive an AI-generated response

Troubleshooting

  • Ensure your API key has access to the Generative Language API.
  • *Ensure the service account has the roles/aiplatform.user role and the Vertex AI API is enabled in your project.
  • For AI Studio, use the server URL https://generativelanguage.googleapis.com. For Vertex AI, the URL auto-switches to https://aiplatform.googleapis.com by default.
  • Check network connectivity to Google's API endpoints.
  • Verify that the selected model is available in your region.
  • Review rate limits and usage quotas for your API key or project.

For more information, see the Google AI documentation or contact the pack maintainer.

Pack Contributors:

  • Mu Wang
  • breimers

Contributions are welcome and appreciated. For more info, visit our Contribution Guide.

Google Gemini Pack

In today's rapidly evolving threat landscape, security teams need intelligent analysis capabilities to process large volumes of data, generate insights, and accelerate incident response. The Google Gemini pack brings Google's advanced AI models directly into your XSOAR workflows, enabling natural language processing, content analysis, and intelligent automation for security operations.

What does this pack do?

This pack provides the following capabilities:

  • Intelligent Text Analysis: Process and analyze security data, logs, and incident details using Google's advanced language models
  • Natural Language Queries: Ask questions about security events and get contextual responses in plain language
  • Content Generation: Generate summaries, reports, and documentation based on incident data and investigation findings
  • Conversational AI: Maintain conversation context across multiple interactions for complex analysis workflows
  • Flexible Model Selection: Choose from multiple Gemini models including the latest Gemini 2.0 Flash for optimal performance
  • Configurable Parameters: Fine-tune AI responses with temperature, top-p, top-k, and token limit controls

This pack contains the GoogleGemini integration that connects to Google's Generative AI API, allowing you to incorporate powerful language model capabilities into your security automation and investigation processes. The integration supports both Google AI Studio (API key) and Google Cloud Vertex AI (service account) authentication.

Before You Start

Requirements

  • Cortex version 6.10.0 or later
  • One of the following authentication methods:
    • A Google AI Studio API key with access to the Generative Language API.
    • A Google Cloud service account with the Vertex AI User role.
  • Network connectivity to https://generativelanguage.googleapis.com (AI Studio) or https://aiplatform.googleapis.com (Vertex AI).

Option A: Get Your AI Studio API Key

  1. Go to Google AI Studio.
  2. Create a new API key or use an existing one.
  3. Ensure the key has access to the Generative Language API.

Option B: Set up Your Vertex AI Service Account

  1. In the Google Cloud console, go to IAM & Admin > Service Accounts.
  2. Create a service account with the Vertex AI User role (roles/aiplatform.user).
  3. Generate a JSON key and download it.
  4. Ensure the Vertex AI API is enabled in your project.

Configuration

  1. In Cortex, navigate to Settings > Integrations.
  2. Search for Google Gemini and add a new instance.
  3. Set the Authentication Type to either AI Studio API Key or Vertex AI Service Account.
  4. Configure the following parameters:

Common Parameters:

  • Model: The Gemini model to use for the integration, or a custom model name.
  • Max Tokens: The maximum response length (default: 1024).
  • Temperature: (Optional) The degree of randomness in the responses (0.0-2.0).
  • Top P: (Optional) The nucleus sampling parameter.
  • Top K: (Optional) The top-k sampling parameter.

AI Studio Parameters:

  • API Key: Your Google AI API key.

Vertex AI Parameters:

  • Service Account Key (JSON): The full JSON key contents for your service account.
  • Project ID: Your Google Cloud Project ID.
  • Location: The Google Cloud location (for example, us-central1. Default is global).

Integration Usage

Basic

Use the google-gemini-send-message command to send prompts to the AI model:

!google-gemini-send-message prompt="Analyze this suspicious email and identify potential IOCs"

With Conversation History

Maintain context across multiple exchanges:

!google-gemini-send-message prompt="What are the next investigation steps?" history='[{"role":"user","parts":[{"text":"Previous question"}]},{"role":"model","parts":[{"text":"Previous response"}]}]'

With Automatic Conversation Management

Enable conversation history management to automatically maintain context:

!google-gemini-send-message prompt="Analyze this alert" save_conversation=true

When save_conversation is enabled, the integration automatically:

  • Retrieves previous conversation context from ${GoogleGemini.Chat.History}
  • Includes the last exchange (user + model response) for context
  • Saves the complete updated conversation history for future use

Integration Commands

  • google-gemini-send-message: Send a prompt to Google Gemini and receive an AI-generated response

Troubleshooting

  • Ensure your API key has access to the Generative Language API.
  • *Ensure the service account has the roles/aiplatform.user role and the Vertex AI API is enabled in your project.
  • For AI Studio, use the server URL https://generativelanguage.googleapis.com. For Vertex AI, the URL auto-switches to https://aiplatform.googleapis.com by default.
  • Check network connectivity to Google's API endpoints.
  • Verify that the selected model is available in your region.
  • Review rate limits and usage quotas for your API key or project.

For more information, see the Google AI documentation or contact the pack maintainer.

Pack Contributors:

  • Mu Wang
  • breimers

Contributions are welcome and appreciated. For more info, visit our Contribution Guide.

PUBLISHER

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

CertificationRead more
Supported ByCortex
CreatedJuly 8, 2025
Last ReleaseMay 20, 2026
Threat Intelligence Management
WORKS WITH THE FOLLOWING INTEGRATIONS:
DISCLAIMER
Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise.