From 8812fc99a1b6ba698981a44e558ceb5eee1b38dc Mon Sep 17 00:00:00 2001 From: Sebastien Quioc Date: Mon, 11 Sep 2023 16:31:45 +0200 Subject: [PATCH 1/2] fix(Google): list the supported applications and add the limitation about the collect --- .../cloud_and_saas/google/google_reports.md | 24 +++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/google/google_reports.md b/docs/xdr/features/collect/integrations/cloud_and_saas/google/google_reports.md index 28db92e464..df8c4bfc8c 100644 --- a/docs/xdr/features/collect/integrations/cloud_and_saas/google/google_reports.md +++ b/docs/xdr/features/collect/integrations/cloud_and_saas/google/google_reports.md @@ -13,6 +13,30 @@ Google Reports is a data reporting and analysis platform offered by Google for G {!_shared_content/operations_center/integrations/generated/04d36706-ee4a-419b-906d-f92f3a46bcdd.md!} +### Supported applications + +This integration can collect activities from the following GSuite applications: + +- `admin` to collect activities on the Admin console +- `calendar` to collect events from Google calendar +- `chat` to collect Chat activities +- `drive` to supervise Google Drive events +- `gcp` for the Google Cloud platform activiaties +- `groups` to collect Google groups events +- `groups_entreprise` to collect Entreprise groups events +- `jamboard` to collect Jamboard activities +- `login` to monitor authentication in Google applications +- `meet` to supervise Google meet events +- `token` for authentication supervision +- `user_accounts` to monitor Users accounts activities +- `keep` to supervices Google Keep activities + + +### Limitation + +Only activities from one applications can be collected from one playbook. +To collect activities from several Google Application, create as many playbooks as applications to collect. + ## Configure ### Prerequisites From cf9f4002b45dcecc23bd29a82c802efaebf9564d Mon Sep 17 00:00:00 2001 From: Sebastien Quioc Date: Mon, 11 Sep 2023 16:42:11 +0200 Subject: [PATCH 2/2] fix(Google): move sections --- .../integrations/cloud_and_saas/google/google_reports.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/xdr/features/collect/integrations/cloud_and_saas/google/google_reports.md b/docs/xdr/features/collect/integrations/cloud_and_saas/google/google_reports.md index df8c4bfc8c..d1d2464b69 100644 --- a/docs/xdr/features/collect/integrations/cloud_and_saas/google/google_reports.md +++ b/docs/xdr/features/collect/integrations/cloud_and_saas/google/google_reports.md @@ -9,10 +9,6 @@ Google Reports is a data reporting and analysis platform offered by Google for G !!! warning This format is in beta. -{!_shared_content/operations_center/detection/generated/suggested_rules_04d36706-ee4a-419b-906d-f92f3a46bcdd_do_not_edit_manually.md!} - -{!_shared_content/operations_center/integrations/generated/04d36706-ee4a-419b-906d-f92f3a46bcdd.md!} - ### Supported applications This integration can collect activities from the following GSuite applications: @@ -37,6 +33,10 @@ This integration can collect activities from the following GSuite applications: Only activities from one applications can be collected from one playbook. To collect activities from several Google Application, create as many playbooks as applications to collect. +{!_shared_content/operations_center/detection/generated/suggested_rules_04d36706-ee4a-419b-906d-f92f3a46bcdd_do_not_edit_manually.md!} + +{!_shared_content/operations_center/integrations/generated/04d36706-ee4a-419b-906d-f92f3a46bcdd.md!} + ## Configure ### Prerequisites