Hello Everyone,

I am trying to integrate Google logs to splunk. I downloaded the Splunk add on+ 2.5.1 version. I am facing few problems:

1. In the google app for splunk while setting up the account, there is a field called "Service account certificate". What do I enter in there? Should we copy the entire certificate and paste in there? 

2. I get the errors

2023-07-18 13:36:14,769 ERROR pid=4110446 tid=MainThread file=gws_gmail_logs.py:stream_events:159 | Exception raised while ingesting data for gmail: 404 Not found: Dataset splunk-387815:gmail_logs_dataset was not found in location EU Location: EU Job ID: c504d67b-c171-49c9-9085-70831fad4353 . Traceback: Traceback (most recent call last): File "/opt/splunk/etc/apps/Splunk_TA_Google_Workspace/bin/gws_gmail_logs.py", line 126, in stream_events results = query_job.result(page_size=BIGQUERY_RESULT_PAGE_SIZE) File "/opt/splunk/etc/apps/Splunk_TA_Google_Workspace/lib/google/cloud/bigquery/job/query.py", line 1499, in result do_get_result() File "/opt/splunk/etc/apps/Splunk_TA_Google_Workspace/lib/google/api_core/retry.py", line 354, in retry_wrapped_func on_error=on_error, File "/opt/splunk/etc/apps/Splunk_TA_Google_Workspace/lib/google/api_core/retry.py", line 191, in retry_target return target() File 

I am guessing it is related to authentication and authorization. It would be great to get inputs/suggestions from the community out there and users who have already done this integration.

Best,
PR