Hello, I want to perform an alerting notification in chronicle (not GCP), maybe a rule or dashboard visualisation about log source or a forwarder stopped sending logs, i want to do this on the siem directly without doing it on GCP
For info i have GCP audit logs ingested in chronicle
Thanks
Page 1 / 1
Hi @Rached1996,
The following will likely be of use, modify this to look for metadata.log_type, as opposed to principal.hostname- Re: How to Configure Log Stoppage Alert for Indivi... - Google Cloud Community
Kind Regards,
Ayman
Thanks aymen
Reply
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.