Splunk Lantern

Google: Cloud Platform

 

Google Cloud Platform is a suite of public cloud computing services offered by Google. The platform includes a range of hosted services for compute, storage, networking, big data, machine learning and IoT, as well as cloud management, security and developer tools, with a variety of different products available.

Configuration

The Splunk Dataflow template allows Google Cloud customers to engineer a horizontally scalable and fault-tolerant logging export pipeline into Splunk Enterprise or Splunk Cloud Platform. The streaming pipeline reads messages from a Pub/Sub subscription and writes the message payload to Splunk via Splunk's HTTP Event Collector (HEC).

The Splunk Add-on for Google Cloud Platform allows a Splunk software administrator to collect Google Cloud Platform events, logs, performance metrics and billing data using the Google Cloud Platform API. After the Splunk platform indexes the events, you can analyze the data using the prebuilt panels included with the add-on. You can then directly analyze the data or use it as a contextual data feed to correlate with other Google Cloud-related data in the Splunk platform.

The Splunk GCP Application Template is a blueprint of visualizations, reports, and searches focused on Google Cloud use cases. Many of the reports within GCP require Google Cloud asset inventory data to be periodically generated and sent into Splunk. You’ll need to create an inventory generation pipeline so you can populate GCP’s dashboards and reports. Learn more about Google Cloud asset inventories here.

If you are a Splunk Observability Cloud user, you might also want to check the Splunk Observability Cloud documentation on supported integrations, which covers Google Cloud Platform services.

You can also check Splunk Cloud on Google Cloud for information on integrations, applications, tools, and solutions which have been created to enable or enhance use cases across data protection, productivity, safer remote working and more.

Application

When your Splunk deployment is ingesting Google Cloud Platform data, you can use the data to achieve the following Security use cases:

You can also use it to achieve the following Observability use cases: 

You can also look at our data page on Google: Kubernetes Engine (GKE) for more information about Observability and Kubernetes-based Splunk use cases.