Skip to main content
 
 
Splunk Lantern

Google

 

Google Cloud Platform is a suite of cloud computing services. Alongside a set of management tools, it provides a series of modular cloud services including computing, data storage, data analytics and machine learning. Google Cloud Platform provides infrastructure as a service, platform as a service, and serverless computing environments. In April 2008, Google announced App Engine, a platform for developing and hosting web applications in Google-managed data centers. Since the announcement of App Engine, Google added multiple cloud services to the platform. Google Cloud Platform is a part of Google Cloud, which includes the Google Cloud Platform public cloud infrastructure, as well as Google Workspace (G Suite), enterprise versions of Android and ChromeOS, and application programming interfaces (APIs) for machine learning and enterprise mapping services.

Before looking at documentation for specific data sources, review the Splunk Docs information on general data ingestion: 

Getting data in

Source Add-ons and Apps Guidance
Chrome

Splunk platform

Configuration

Cloud Platform

Splunk platform

Splunk SOAR

Google Cloud Platform is a suite of public cloud computing services offered by Google. The platform includes a range of hosted services for for compute, storage, networking, big data, machine learning and IoT, as well as cloud management, security and developer tools, with a variety of different products available.

Configuration

Product Tips

Kubernetes Engine

Splunk Observability Cloud

Google Kubernetes Engine (GKE) provides a managed environment for deploying, managing, and scaling your containerized applications using Google infrastructure. The GKE environment consists of multiple machines (specifically, Compute Engine instances) grouped together to form a cluster.

Configuration

Pub/Sub

 

Google Pub/Sub is used for streaming analytics and data integration pipelines to ingest and distribute data. It enables the user to create systems of event producers and consumers, called publishers and subscribers. Publishers communicate with subscribers asynchronously by broadcasting events to the Pub/Sub service. Pub/Sub then delivers events to all services that need to react to them. In the Common Information Model, Google Pub/Sub data can be mapped to the Authentication data model.

External Resources

Use Cases

Workspace

Splunk platform

Splunk SOAR

Google Workspace, formerly GSuite, provides custom email for businesses and include collaboration tools like Gmail, Calendar, Meet, Chat, Drive, Docs, Sheets, Slides, Forms, Sites, and more. 

The Splunk Add-on for Google Workspace allows a Splunk administrator to collect Google Workspace event data using Google Workspace APIs. You can then analyze the data in the Splunk platform.

Configuration

Use Cases

External Resources