Best Practices For Ingestion And Parsing in Google Security Operations
Author: Mandiant & Google Cloud Security
Uploaded: 2025-12-16
Views: 536
Description:
Unlock the full potential of your security data by mastering the art of ingestion and parsing in Google SecOps. In this session, Tom Ruff (Technology Solutions Consultant, Google Cloud Security) demonstrates the critical best practices for reliably collecting, transporting, and parsing logs from diverse sources. Watch to learn how to choose the right transport method, why original log formats matter, and how to utilize AI for building effective custom parsers.
What's covered:
Log Collection Best Practices: Strategies for gathering data from firewalls, EDRs, cloud services (AWS, Google Cloud), and operating systems.
Transport & Buffering: Comparing transport methods like Bindplane, SecOps Forwarder, and Cribl, and why buffering is essential for reliability.
Optimizing Log Formats: Why sending logs in original formats (JSON, SYSLOG, CEF) maximizes out-of-the-box parsing success.
Custom Parsing Techniques: Tips for building parsers, including the use of AI to generate Grok patterns.
Future of Parsing: A sneak peek at upcoming AI-powered features for automatic parsing.
Have questions? Come ask the Community
https://security.googlecloudcommunity...