Microsoft Security Sentinel

Share this post

Microsoft Security Sentinel
Microsoft Security Sentinel
🔥Public Preview Announcement: Microsoft Sentinel GCP Pub/Sub Audit Logs Connector🔥
Copy link
Facebook
Email
Notes
More

🔥Public Preview Announcement: Microsoft Sentinel GCP Pub/Sub Audit Logs Connector🔥

José Lázaro Pinos
Apr 03, 2023

Share this post

Microsoft Security Sentinel
Microsoft Security Sentinel
🔥Public Preview Announcement: Microsoft Sentinel GCP Pub/Sub Audit Logs Connector🔥
Copy link
Facebook
Email
Notes
More
Share

As organizations boldly venture into the realm of multi-cloud architectures, they're exploring the potential of integrating applications and data storage across various public clouds, including platforms such as Google Cloud Platform (GCP).

🔍 Dive into this insightful article to uncover the secret to achieving comprehensive security coverage and unrivaled attack detection in your multi-cloud environment with Microsoft Sentinel.

Introducing the GCP Pub/Sub Audit Logs Connector, built on our Codeless Connector Platform (CCP)! Seamlessly ingest logs from your GCP environment using the GCP Pub/Sub capabilities.

💥Once you ingest the GCP data, you can view the details of three types of audit logs:

✔️Admin activity logs

✔️Data access logs

✔️Access transparency logs

With these, Google's Cloud Audit Logs records a trail that practitioners can use to monitor access and detect potential threats across GCP resources.

💥Prerequisites:

  • The Microsoft Sentinel solution enabled.

  • A defined Microsoft Sentinel workspace.

  • A GCP environment collecting GCP audit logs.

  • The Microsoft Sentinel Contributor role.

  • Access to edit and create resources in the GCP project.

💥How to set up the GCP Pub/Sub connector in Microsoft Sentinel?

  • Open the Azure portal and navigate to the Microsoft Sentinel service.

  • In the Content hub, in the search bar, type Google Cloud Platform Audit Logs.

  • Install the Google Cloud Platform Audit Logs solution.

  • Select Data connectors, and in the search bar, type GCP Pub/Sub Audit Logs.

  • Select the GCP Pub/Sub Audit Logs (Preview) connector.

  • Below the connector description, select Open connector page.

  • In the Configuration area, select Add new.

  • Type the resource parameters you created when you created the GCP resources. Make sure that the Data Collection Endpoint Name and the Data Collection Rule Name begin with Microsoft-Sentinel- and select Connect.

Want to learn more? 💡

📚MS Docs: Stream Google Cloud Platform into Microsoft Sentinel | Microsoft Learn

Thanks for reading Microsoft Security Sentinel! Subscribe for free to receive new posts and support my work.

Share this post

Microsoft Security Sentinel
Microsoft Security Sentinel
🔥Public Preview Announcement: Microsoft Sentinel GCP Pub/Sub Audit Logs Connector🔥
Copy link
Facebook
Email
Notes
More
Share

Discussion about this post

No posts

Ready for more?

© 2025 José Lázaro Pinos
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great culture

Share

Copy link
Facebook
Email
Notes
More