Skip to main content

Google Chrome

The official browser from Google. Chrome is a cross-platform web browser which brings you the best of Google.

Google Chrome

This pack includes Cortex XSIAM content.

Overview

Google Workspace integration allows you to ingest logs and data from Google Workspace into Cortex XSIAM.

This integration supports the following data:

  • Google Chrome — Chrome browser and Chrome OS events included in the Chrome activity reports.

  • Admin Console — Account information about different types of administrator activity events included in the Admin console application's activity reports.

  • Google Chat — Chat activity events included in the Chat activity reports.

  • Enterprise Groups — Enterprise group activity events included in the Enterprise Groups activity reports.

  • Login — Account information about different types of login activity events included in the Login application's activity reports.

  • Rules — Rules activity events included in the Rules activity report.

  • Google drive — Google Drive activity events included in the Google Drive application's activity reports.

  • Token — Token activity events included in the Token application's activity reports.

  • User Accounts — Account information about different types of User Accounts activity events included in the User Accounts application's activity reports.

  • SAML — SAML activity events included in the SAML activity report.

  • Alerts — Alerts from the Alert Center API beta version, which is still subject to change.

  • Emails — Collects email data (not emails reports). All message details except email headers and email content (payload.body, payload.parts, and snippet).

What does this pack do?

This pack provides various browser events monitoring and management such as user logins, passwords usages and websites access.

Use Cases

  1. Password Management and Security:
    Prevent from users to use their passwords on dangerous/ unauthorized websites.
    Preventing password reuse protect the organization from compromised accounts.

  2. Websites Access Management and File Downloading:
    Monitor and block accesses to malicious/ suspicious websites and control of harmful/ unwanted files downloading.

  3. Browser Extensions Management:
    Extensions management allows IT administrators to test and evaluate extension for the organization, allow/ block certain extensions and force installed extensions.

Configure Google Workspace

To configure ingestion of data from Google Workspace follow the procedure below:
Ingest Logs and Data from Google Workspace

  • To configure Google Workspace you must have user with the corresponding permissions.
  • To configure emails data ingestion you must set up compliance email account as mentioned in the above link.

Configure Cortex XSIAM

  1. Go to Configuration
  2. Select Data Sources
  3. Search Google Workspace
  4. Click on Connect
  5. Click on the three dots on the right of the data source
  6. Add new instance
  7. Name the log collection
  8. Insert the service account key from previous step (Configuration on Server Side)
  9. Select Google Chrome under Collect field
  10. Add service account email

PUBLISHER

PLATFORMS

Cortex XSIAM

INFO

CertificationRead more
Supported ByCortex
CreatedNovember 10, 2023
Last ReleaseNovember 13, 2024
DISCLAIMER
Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.