GCP Audit Log Analysis

By Google
Looker’s GCP Audit Log Analysis Block provides an easy way to explore, report on, and alert on GCP audit log data.

Version: v2.0.0

Category: Blocks
ETL Providers: Google BigQuery Export
SQL Dialects: Google BigQuery

Overview

Install this block for free by importing the project(s) from the GitHub repository linked at the top of the listing.

For SOCs and SREs, Looker’s GCP Audit Log Analysis Block provides an easy way to explore, report on, and alert on GCP audit log data. It contains three dashboards: an Admin Activity overview, an account investigation dashboard, and one that uses the MITRE ATT&CK framework to view activities that map to attack tactics. These dashboards identify brute force attacks, accounts accessing many services in a period of time, IAM escalations, and more. As with all Looker dashboards, they can be configured and modified for your analytical needs.

GCP logs can be exported to BigQuery using Aggregated Sinks in Cloud Logging. This allows you to export log entries from all the projects, folders, and billing accounts of a Google Cloud organization.
