search
PricingSign inRequest a Demo

Google SecOps Standardization

triangle-exclamation

WARNING

This processor requires collector version 1.64.0 or newer to send fields to Google SecOps. In older collector versions, namespace and ingestion label fields will be added to telemetry but not parsed in Google SecOps.

hashtag
Description

The Google SecOps Standardization processor can be used to add the log_type ingestion labelarrow-up-right, which specifies the appropriate SecOps Parser for your logs.

hashtag
Use

The Google SecOps Standardization processor is to be used alongside the Google SecOps Exporter. This processor allows the user to configure the log type, namespace, and ingestion labels for logs sent to SecOps.

hashtag
Supported Types

Metrics
Logs
Traces

hashtag
Configuration

Field
Description

Log Type

The type of log that will be sent.

Namespace

User-configured environment namespace to identify the data domain the logs originated from.

Ingestion Labels

Key-value pairs of labels to be applied to the logs when sent to chronicle.

hashtag
Example Configuration

hashtag
Configure Google SecOps for Windows events

This example configuration sets logType to "WINEVTLOG", namespace to "security", and ingestionLabels to a key-value pair: "environment" and "production".

Web Interface

Bindplane docs - Google SecOps Standardization - image 1

Standalone Processor

PreviousFilter SeverityNextGroup by Attributes

Last updated

Was this helpful?