Google SecOps Standardization Processor for Bindplane

This is a brief post outlining one of the available Processors in Bindplane called the Google SecOps Standardization Processor.

The Google SecOps Standardization Processor is used to add telemetry to logs shipped to SecOps via Bindplane. Specifically, it sets the log_type ingestion label so that logs sent to SecOps via Bindplane can be parsed and interpreted correctly.

For more information about this Processor, see the associated documentation below.

https://bindplane.com/docs/resources/processors/google-secops-standardization

To re-familiarize yourself with available parsers and their associated log types, also see the following documentation.

https://cloud.google.com/chronicle/docs/ingestion/parser-list/supported-default-parsers

An example configuration of this Processor is shown below. In this example, the Standardization is done for logs of type Windows Event Log (WINEVTLOG)

Be the first to reply!

Reply

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded