Review GCP Events in Tenable Security Center
To review GCP Events in Tenable Security Center:
-
Navigate to Tenable Security Center and log on with a user account that has permission to view logs for the organization.
A dashboard that corresponds to the user role appears.
-
In the top navigation bar, click Analysis, and then click the Events link.
The Event Analysis page appears, displaying the Type Summary section.
-
Click the Type Summary button, and then select Normalized Event Summary.
The Normalized Event Summary section appears.
-
In the upper-left corner of the page, click .
The Filters pane appears.
-
Click the Syslog Text box, and then, in the Syslog Text text box, type googleapis.
-
Click OK.
-
In the Filters pane, click the Apply All button.
In the Normalized Event Summary section, the list of events is filtered and displays events that include googleapis in the text of the syslog.
The GCP events available will be based on the logs you specified when you configured Stackdriver Logging. You can click the Jump to Raw Syslog Events link to directly view the log data.