Google Cloud Audit Logs

The IBM® QRadar® DSM for Google Cloud Audit Logs collects JSON events from a Google Cloud service.

To integrate Google Cloud Audit Logs with QRadar, complete the following steps:
  1. If automatic updates are not enabled, RPMs are available for download from the IBM support website (http://www.ibm.com/support). Download and install the most recent version of the following RPMs on your QRadar Console:
    • GoogleCloudAudit DSM RPM
    • DSM Common RPM
    • GoogleCloudPubSub protocol RPM
    • GoogleCommon protocol RPM
    • Protocol Common RPM
  2. Configure your Google Cloud Audit Logs service to send events to QRadar.
  3. If QRadar does not automatically detect the log source, add a log source for Google Cloud Audit Logs on the QRadar Console.