I have a separate project for network and all managed AD logs, VPC logs and firewall logs getting stored in default/ required buckets of the project. I dont think with direct ingestion these logs are getting ingested into SecOps. Can someone please guide how i can get those logs ingested to SecOps?
Solved
Microsoft Managed AD, VPC and Firewall logs not showing in SecOps
Best answer by cmorris
Direct ingestion will cover a subset of logs - https://cloud.google.com/chronicle/docs/ingestion/cloud/ingest-gcp-logs#option_1_direct_ingestion. For log types out of scope for direct ingestion, you can configure GCS feeds, if you already have the logs there - https://cloud.google.com/chronicle/docs/reference/feed-management-api#gc-storage.
+10Direct ingestion will cover a subset of logs - https://cloud.google.com/chronicle/docs/ingestion/cloud/ingest-gcp-logs#option_1_direct_ingestion. For log types out of scope for direct ingestion, you can configure GCS feeds, if you already have the logs there - https://cloud.google.com/chronicle/docs/reference/feed-management-api#gc-storage.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.