Latest Version 4.0.6
March 14, 2023
Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
This app is archived. Learn more
GCP Security Monitoring App for Splunk
GCP Security Monitoring app for Splunk analyses GCP platform logs and alerts on specific security related rulesets.
Built by
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1
Rating
0
(0)
Log in to rate this app
Support
Not Supported
GCP Security Monitoring app for Splunk analyses GCP platform logs and alerts on specific security related rulesets.
GCP Platform logs can be forwarded to Splunk through either:
- Splunk Add-on for Google Cloud Platform
- Pub/Sub to Splunk Dataflow job
- Pub/Sub to Splunk Custom forwarders - https://github.com/manasmbellani/pygcplogs/tree/master/splunk
Once platform logs have been forwarded, this application adds custom rules for security monitoring and alerting on these platform logs such as detection of public GCS buckets, service accounts created with excessive permissions.
For list of available detections, please see the `Details` tab
Categories
Created By
Manas Bellani
Type
app
Downloads
1,260
Licensing
Splunk Answers
Resources
Log in to report this app listing