In g suite App ,
1) What all data it will pull from G suite in to splunk?
2) In Applicationn Configuration , what will be the Google Apps Domain ? is it https://console.developers.google.com/ ?
3) what will be Client ID or client secret for application like Docs or email ? is it gusite Super admin credentials only?
4) If application configuration requires super admin credentials of g suite then what is in the create new credentials ? it will also have super admin of gsuite if yes then what is the difference ?
As mentioned in my email, YOU NEED TO READ THE DOCUMENTATION. If you need further help, try getting on Slack (splk.it/slack) and ping me directly. The setup is not overly complicated, just follow the steps. Thanks!
As per the docs ,
You must have enabled the Google Apps API - Super Admin user will enable it i believe
You must have configured a credential for use with this App - So at console.developers we can have a seperate credentials which we will use for g suite app ? right ?
You must AUTHORIZE this app to make requests into Google Apps APIs. - how to authorize? if it is application configuration only then Google Apps Domain will be our company.com but we want to pull only
email or docs data . there is not a API project as such so what will be the client id and secret?
so i do not need to create new proxy , create new credential
so how splunk will get authorize to see or pull data from g suite?
@splunk24 - I suggest you get your Google Admin in the room. You need a few things.
1) a Google User with Super Admin privs.
2) An API Project from console.developers.google.com with a Client ID and Secret. Generate it. It's right there in the console.
3) Authorize the app - I've provided the workflow on the Application Configuration Page. This is straightforward, input your tokens and domain, click the button, authorize the api calls (check for adblocker), and then put the auth token in the box, and click the button again. Standard OAUTH workflow.
4) Create an Input. Click the checkboxes you want.
Again - THIS DOES NOT PULL EMAIL ANYTHING. That is a cumbersome mess I haven't figured out yet.
Again - this is in the documentation. Have you tried any of this yet? It appears you haven't, so please try any of the steps and then ask more questions based on trial/error that you receive.
ok will try that .
may i know the port number to authenticate the client id or secert from splunk to g suite ?
and data will come to splunk in which port ? i need to open the ports for firewall
create client id lands mein to this option
Android Learn more
Chrome App Learn more
iOS Learn more
but i want data from g drive only? then which one to select
and what to be enter here
For use with requests from a browser. This is the origin URI of the client application. It cannot contain a wildcard (https://*.example.com) or a path (https://example.com/subdir). If you're using a non-standard port, you must include it in the origin URI.
Authorised redirect URIs
For use with requests from a web server. This is the path in your application that users are redirected to after they have authenticated with Google. The path will be appended with the authorisation code for access. Must have a protocol. Cannot contain URL fragments or relative paths. Cannot be a public IP address.
HI All - Have a question coming from Audit - Does the data at anytime traverse the app developers cloud instance or any external cloud instance other than google cloud platform ? Anybody has any idea? Thanks in advance !