I have been thinking about how google is assures log data post ingestion is stored in an immutable state for assurance from data security viewpoint. I tried searching for SecOps documentation but unable to find a straightforward statement.
Also, once data is stored, is there a way one could delete/alter the data, if one has an appropriate permission to do so. And how to keep a tap to such actions.?
Question
Data security for Security log data ingested in Google Chronicle SIEM.
+2- Bronze 1
+7- Bronze 1
Hello, please review the following reference, which may help answer your questions:
https://docs.cloud.google.com/chronicle/docs/about/data-retention
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.