Google Chronicle destination plugin
The Google Chronicle destination plugin lets you configure your Telemetry Pipeline to output data to Google Chronicle.
Supported telemetry types
This plugin supports these telemetry types:
| Logs | Metrics | Traces |
|---|---|---|
Configuration parameters
Use the parameters in this section to configure your plugin. The Telemetry Pipeline web interface uses the values in the Name column to describe the parameters. Items in the Key column are the YAML keys to use in pipeline configuration files.
GCP Authentication
| Name | Key | Description | Default |
|---|---|---|---|
| Google Service Credentials Path | google_service_credentials | The Service Credentials file lets Telemetry Pipeline communicate directly with Google Cloud Services using a service account (opens in a new tab). | none |
| GCP Service Account Email | service_account_email | Account email associated with the service. Available only if no credentials file has been provided. | none |
| GCP Service Account Secret | service_account_secret | Private key content associated with the service account. Available only if no credentials file has been provided. | none |
| GCP Project Id | project_id | The project ID containing the tenant of Google Chronicle to stream into. | none |
| Google Chronicle Customer ID | customer_id | Required. The customer ID to identify the tenant of Google Chronicle to stream into. | none |
| Google Chronicle Log Type | log_type | Required. The log type to handle the request entries. Users must set up the valid, supported log type (opens in a new tab) or the Google Chronicle service denies log ingestion. | none |
Advanced
| Name | Key | Description | Default |
|---|---|---|---|
| Region Location | region | The GCP region in which to store Google Chronicle security logs. Accepted values: ASIA, EU, UK, US. | US |
Security and TLS
| Name | Key | Description | Default |
|---|---|---|---|
| TLS | tls | Enable or disable TLS/SSL support. Accepted values: true, false. | false |
| TLS Certificate Validation | tls.verify | Enable or disable TLS/SSL certificate validation. TLS must be enabled for certificates to be validated. Accepted values: off, on. | on |
| TLS Debug Level | tls.debug | Set TLS debug verbosity level. Accepted values: 0 (No debug), 1 (Error), 2 (State change), 3 (Informational), 4 (Verbose). | 1 |
| CA Certificate File Path | tls.ca_file | Absolute path to CA certificate file. | none |
| Certificate File Path | tls.crt_file | Absolute path to certificate file. | none |
| Private Key File Path | tls.key_file | Absolute path to private key file. | none |
| Private Key Path Password | tls.key_passwd | Password for private key file. | none |
| TLS SNI Hostname Extension | tls.vhost | Hostname to be used for TLS SNI extension. | none |
Advanced Networking
| Name | Key | Description | Default |
|---|---|---|---|
| DNS Mode | net.dns.mode | Select the primary DNS connection type, which can be TCP or UDP. | none |
| DNS Resolver | net.dns.resolver | Select the primary DNS connection type, which can be LEGACY or ASYNC. | none |
| Prefer IPv4 | net.dns.prefer_ipv4 | Prioritize IPv4 DNS results when trying to establish a connection. Accepted values: true, false. | false |
| Keepalive | net.keepalive | Enable or disable Keepalive support. Accepted values: true, false. | true |
| Keepalive Idle Timeout | net.keepalive_idle_timeout | Set maximum time allowed for an idle Keepalive connection. | 30s |
| Max Connect Timeout | net.connect_timeout | Set maximum time allowed to establish a connection, which includes the TLS handshake. | 10s |
| Max Connect Timeout Log Error | net.connect_timeout_log_error | On connection timeout, specify if it should log an error. When disabled, the timeout is logged as a debug message. Accepted values: true, false. | true |
| Max Keepalive Recycle | net.keepalive_max_recycle | Set maximum number of times a keepalive connection can be used before it's retired. | 2000 |
| Source Address | net.source_address | Specify network address to bind for data traffic. | none |