Learn more about the Google Cloud Platform standard data source and content pack integrations in Cortex XDR.
You can configure collecting Google Cloud Platform (GCP) logs using a standard data source, Cloud Service Provider (CSP) onboarding data source, or with a content pack integration:
Google Cloud Platform vendor | Description |
|---|---|
Standard data source overview | If you use the Pub/Sub messaging service from Google Cloud Platform (GCP), forward logs and data to Cortex XDR from your GCP instance using the Google Cloud Platform data source. |
Link to standard data source instructions | The following types of logs can be ingested from Google Cloud Platform:
For more information, see Ingest logs and data from a GCP Pub/Sub. |
Link to full configuration Cloud Service Provider (CSP) onboarding data source instructions | |
Link to basic configuration Cloud Service Provider (CSP) onboarding data source instructions for Cortex XDR NG SIEM, Cortex XDR Enterprise license, and Cortex XDR Enterprise+ licenses. | |
Links to content pack/ integration details | The Google Cloud Pub / Sub content pack integrates with the Google Cloud Pub / Sub messaging service to enable you to send and receive messages between independent applications. It contains the following integration:
This integration requires specific elevated permissions such as Project-Owner or Pub/Sub Admin, |