Direct ingestion configured in GCP to Google SecOps.
I noticed that, in our case, the GCP_BIGQUERY_CONTEXT dataset is very large and we would want to drop those but I can’t see where the ingestion is configured. Any tips?
Solved
How to disable ingestion for contextual data sources, e.g., GCP_BIGQUERY_CONTEXT?
+10- Silver 2
Best answer by cmorris
This is configured in GCP, please see https://docs.cloud.google.com/chronicle/docs/ingestion/default-parsers/ingest-gcp-logs#export-asset-metadata
+13This is configured in GCP, please see https://docs.cloud.google.com/chronicle/docs/ingestion/default-parsers/ingest-gcp-logs#export-asset-metadata
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.