Webinar
Tue, Sep 9, 2:00 PM - 3:00 PM (UTC)
Community Webinar: Best Practices For Ingestion And Parsing in Google Security Operations
About this event
The Community live streaming webinar series is back! Unlock the full potential of your security data by mastering the art of ingestion and parsing in Google SecOps. Join Tom Ruff, a Technology Solutions Consultant at Google Cloud Security, for a deep dive into the best practices for onboarding security data. We'll show you how to reliably collect, transport, and parse logs from a wide variety of sources—including on-premises and cloud—to ensure your data is valuable from the moment it arrives.
In this session, we’ll cover:
- Best practices for collecting logs from diverse sources like security devices (firewalls, EDRs), cloud services (AWS, Google Cloud), and operating systems.
- Choosing the right transport method (Bindplane, SecOps Forwarder, Cribl) and why buffering is critical for reliable data delivery.
- Why sending logs in their original format (JSON, SYSLOG, CEF) maximizes out-of-the-box parsing success.
- Tips for building effective custom parsers, including using AI to generate Grok patterns when needed.
- A look ahead at upcoming AI-powered features for automatic parsing.
Event details
Online event