Hi,
One of our customers has two different tenants in their workspace. They would like to send logs to Google SecOps, but only from one of the tenants.
Is there a solution to filter the logs or any alternative approach to achieve this?
Page 1 / 1
You can set up a feed connection to the specific tenant you want and label it for advanced filtering:
https://cloud.google.com/chronicle/docs/ingestion/default-parsers/collect-workspace-logs
Thanks for your answer. I know this solution but i need to set filter before i send the logs to secops, there are two tenants in our workspace and we dont want to ingest all them!
Reply
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.