Hello,
My IT Director has tasked me with figuring out how to send our G Suite log data to Splunk. Are there any guides on how to do this?
Yes, the app you linked to provides that: http://apps.splunk.com/app/2714. The bigger question is, what logs are you looking for? The App includes instructions, and I'm working on the next version (targeting 2-4 weeks to release).
We can have a more in-depth discussion on Slack (http://splk.it/slack), find me there! Or email, or IRC. Any works for me.
WARNING: This App could produce a fatal error in Splunk. This is what happened to me.
"Unable to initialize modular input "ga_ss" Define in GsuiteForSplunk
You are right, I have Splunk 8.
Are you using Splunk 8? It is not supported yet.
@alacercogitatus,
Hi there, can I use this app to retrieve the G Suite email audit logs, email headers, and so on, so that we could use the logs to conduct investigations into phishing, business email compromise...?
Thanks.
@alacercogitatus, can I use this app to retrieve the G Suite email audit log into Splunk? It seems it doesn't require the Gmail API...
Thanks.