search
PricingSign inRequest a Demo

Google SecOps (Chronicle) Forwarder

hashtag
Supported Types

Metrics
Logs
Traces

hashtag
Prerequisites

Ensure you have a Google SecOps forwarder set up and running. More details on setting this up can be found in the Security Operations documentation herearrow-up-right.

hashtag
Configuration Fields

Field
Description

Export Type

The method of export to use, either syslog or file.

Raw Log Field

The field name containing raw log data.

Syslog Endpoint

The SecOps forwarder endpoint for Syslog (if Syslog is chosen as the export type).

Syslog Transport

The transport protocol to use (e.g., TCP, UDP) for Syslog.

Timeout

The timeout for the Syslog dial connection. Used by collector v1.70.0+

Enable TLS

Whether or not to use TLS for secure transmission (relevant for Syslog).

Skip TLS Verification

Option to skip TLS certificate verification (if TLS is enabled).

TLS Certificate File

Path to the x509 PEM certificate (if TLS is enabled).

TLS Private Key File

Path to the x509 PEM private key (if TLS is enabled).

TLS CA File

Path to the x509 PEM certificate authority file (if TLS is enabled).

File Path

The path to the file for storing logs (if File is chosen as the export type).

hashtag
Supported Retry and Queuing Settings

This destination supports the retry settings, the sending queue settings, and the persistent queue settings.

Sending Queue
Persistent Queue
Retry on Failure

hashtag
Example Configurations

hashtag
Syslog Configuration

Bindplane docs - Google SecOps Chronicle Forwarder - image 1

Standalone Destination for Syslog Configuration

hashtag
File Configuration

Bindplane docs - Google SecOps Chronicle Forwarder - image 2

Standalone Destination for File Configuration

PreviousGoogle SecOps (Chronicle)NextGrafana Cloud

Last updated

Was this helpful?