Google Workspace
Version: Google Workspace (formerly known as G Suite).
Google Workspace (formerly G Suite) is a package of cloud computing, productivity, and collaboration tools, software, and products developed by Google. Google Workspace comprises Gmail, Hangouts, Calendar, Docs, Sheets, Slides, Keep, Forms, Currents, Drive and Sites. Also, it consists of an admin panel and vault for managing users and services.
Netsurion Open XDR manages the logs retrieved from Google Workspace. The alerts, reports, dashboards, and saved searches in Netsurion Open XDR are enhanced by capturing the important and critical activities in Google Workspace.
The following are the key assets available in this Data Source Integration.
Alerts
| Type | Name | Description |
|---|---|---|
| Security | Google Workspace – Suspicious login | Generated when a suspicious login activity has been detected in the Google Workspace account. |
| Compliance | Google Workspace – Login failure | Generated when a login failure activity has been detected in the Google Workspace account. |
Reports
| Type | Name | Description |
|---|---|---|
| Operational | Google Workspace – Login and logout activities | Provides details of all login and logout events that have occurred in the Google Workspace account. |
| Operational | Google Workspace – Token activities | Provides details of token activities like token generation for a user, validation, etc. in the Google Workspace account. |
| Operational | Google Workspace – Mobile activities | Provides details of all the events that have occurred over mobile in the Google Workspace account. |
| Operational | Google Workspace – Admin activities | Provides details of all the admin events that have occurred in the Google Workspace account. |
Dashboards
| Type | Name | Description |
|---|---|---|
| Security | Google Workspace – Suspicious login by geo-location | Displays data of all the suspicious logins by the user’s geo-location. |
| Compliance | Google Workspace – Auth token usage by username | Displays multiple types of auth token methods used by username. |
| Compliance | Google Workspace – Login activities | Displays data of login activities of all the users in the Google Workspace account. |
| Operational | Google Workspace – Admin activities by user | Displays data of all the admin activities of users in the Google Workspace account. |
Saved Searches
| Type | Name | Description |
|---|---|---|
| Operational | Google Workspace – Admin activities | Provides details of all the admin events that have occurred in the Google Workspace account. |
| Operational | Google Workspace – Login activities | Provides details of all the login and logout events that have happened in the Google Workspace account. |
| Operational | Google Workspace – Mobile activities | Provides details of all events that have occurred over mobile in the Google Workspace account. |
| Operational | Google Workspace – Token activities | Provides details of token activities like token generation for a user, validation, etc. in the Google Workspace account. |
Documentation
The configuration details are consistent with Netsurion Open XDR version 9.3 or later, and Google Workspace.
Download the Integration Guide for configuration instructions and more information.