Hi,
We are evaluating with a community edition. During configuration I have received the following message:
"Confirm you have an ingestion key: If you haven’t yet received an apikeys.json (or similar) from Google/partner for this Community instance, request an Ingestion Service Account credential for this Community tenant"
I am not sure where to request this and have searched extensively. The information I found here says “Your Google Security Operations representative provides you with a Google Developer service account credential to enable the API client to communicate with the API, and share its credentials (JSON key) so your API client can authenticate to the API”
I don’t have a Google Security Operations representative 😊
Can anyone point me in the right direction or assist please?
Many thanks!
Question
Request ingestion key
+3Good afternoon,
I assume by community edition you are referencing a free trial version from GCP? If so you manage the keys for such things as ingestion through GCP IAM. For ingestion purposes I would use the pre-determined GCP IAM role roles/chronicle.editor and this will allow you to ingest data to SecOps.
Thanks,
Login to the community
Login with SSO
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.