All Apps and Add-ons

Google G Suite Audit logs collection


Hello Splunkers,

We're going to collect Google G Suite Audit logs into our on-primes Splunk deployment.

I can see in the Splunk Add-on for Google Cloud Platform documentation ( that it's doable through Splunk HEC, and in this case it requires a Splunk instance that faces the Internet with static public IP Address. but we don't recommend this approach because its complexity.

My question is, can we pull the G Suite Audit logs by other means, I mean can the Audit logs be forwarded to Google Pub/Sub subscription and we pull them from the TA input Cloud Pub/Sub 


Labels (1)
Tags (2)
0 Karma