Google G Suite Activity Reports REST API protocol options

Type a unique name for the log source.

The Log Source Identifier can be any valid value and does not need to reference a specific server. It can also be the same value as the Log Source Name. If you have more than one configured Google G Suite log source, ensure that you give each one a unique name.

If QRadar accesses Google G Suite by using a proxy, enable this option.

If the proxy requires authentication, configure the Proxy Server, Proxy Port, Proxy Username, and Proxy Password fields.

If the proxy does not require authentication, configure the Proxy Server and Proxy Port fields.

The time interval between log source queries to the Google G Suite Activity Reports API for new events. The time interval can be in hours (H), minutes (M), or days (D).

The default is 5 minutes.

The maximum number of events per second that QRadar ingests.

If your data source exceeds the EPS throttle, data collection is delayed. Data is still collected and then it is ingested when the data source stops exceeding the EPS throttle.

The delay, in seconds, for collecting data.

Google G Suite logs work on an eventual delivery system. To ensure that no data is missed, logs are collected on a delay.

The default delay is 7200 seconds (2 hours), and can be set as low as 0 seconds.