Hello,
I have a requirement to send NetApp CVO Admin activity events from Server.log and authentication events to google secops. I am trying to send them first to cloud logging and then route them to SecOps from there.
Does anyone know what options there is to do this ?
Any help is much appreciated
Where is your NetApp CVO hosted in the cloud? Which cloud platform is hosted?
Thanks,
Darwin Vinoth.
Linkedin
Hi @DarwinVinoth ,
NetApp CVO is hosted in gcp. As far as I understood, the application can forward logs to a syslog server. Is this something that can be leveraged to send the logs to cloud logging ?
I found this blog, which talks about fluentd log forwarding. Please give a try with the log forwarding through the log forwarder agents.
https://cloud.google.com/logging/docs/agent/logging/configuration
Also, try using the Bindplane agent for log forwarding. https://cloud.google.com/chronicle/docs/ingestion/use-bindplane-agent
Thanks,
Darwin Vinoth.
Linkedin