BDS G SUITE INTEGRATION

BDS G SUITE INTEGRATION


  


Pre-Requisites:


  1. You will need Domain Administrator Privileges to configure the G-Suite Integration within BDS.  



Preparation


Before configuring G-Suite in data processor, user would need to enable this feature in the google admin dashboard.


1.  Enabling the G-Suite Admin SDK API.

a.  Goto console.cloud.google.com

b.  Choose "APIs & Services" - "Library"

c.  

d.  Search for "Admin SDK" and press "Enable"

2.  Creating a service account

a.  Click "IAM & Admin" > "Service accounts" b.  Click Create Service Account.

i.  Enter a name for the service account name field ii.  Enter a description for the service account

c.  Click Create

d.  Click Continue > Create Key

i.  The key type need to be set to JSON and click Create. You will see a message that the service account JSON file downloaded to your computer

e.  Click Close > Done

3.  Adding service account to G Suite

a.  Go to G Suite Admin Console (admin.google.com)

b.  Click Security, Advanced settings

c.  Click Manage API client access from the authentication section d.  Open the JSON key file downloaded from item 2

e.  Enter the "Client ID" retrieved from JSON file to the "Client Name" field.

f.  In the One or More API Scopes field, enter the list of scopes to be granted. The following is the sample to access the report API:



  1. https://www.googleapis.com/auth/admin.reports.audit.readonly

                    g. Click "Authorize"





BDS UI configuration


1.  Adding new G-Suite connection under UI Collect-Connectors

a.  Admin Email field need to be gsuite admin email account

b.  API Scopes are the authorized scopes specified in item 3(f). This will be the same string that you enter in item 3(f). If you have multiple scopes, you can separate them by comma as what is specified in google admin console.

c.  Service Account Key File is the file downloaded in item 2(d).

d. Please ensure to select the tenant while you perform the integration if you are admin of the tenant. 

2.  You can click G-Suite Test button to test gsuite connectivity





















Please note that the most recent G-Suite data may take up to 2 hours to show up due to google does not seem to process those data in real time.


Please let SOC know if you have questions in the process of integration. You can  always email socir@cyflare.com to have the integration done if you can retrieve the credentials like admin email ID, JSON file and  API Scopes  to be added into the  BDS integratio





    • Related Articles

    • USM Anywhere - G Suite Setup

      Once the integration is enabled ( G-Suite APP ) the predefined log collection jobs take place and queue the events for analysis. This provides the additional G-Suite Dashboard. Currently, the AlienApp for G Suite supports the connection of one G ...
    • AWS Cloudtrail Integration Guide With Breach Detection

      Overview AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS ...
    • Office 365 Integration with Breach Detection Service (Latest Version)

      Overview Office 365 is a critical part of your infrastructure. The Pulse Breach Detection platform provides API based integration with Office 365 & Azure AD to provide visibility into system changes, file sharing and authentication related events ...
    • EVENT ID Search in BDS Platform

      An Alarm raised by SOC? Curious to know what the alarm is and why SOC raised it? We provide complete transparency to check what event/alarm was raised by the SOC to the Partner/Client Pre – Requisites:  1. Login Credentials 2. Portal URL to login 3. ...
    • Syslog Forwarding - Breach Detection System - Ports To Send To

      Firewall Ports to Open for Log Ingestion Network and security sensors require open inbound UDP ports on your firewall in order to receive and parse logs from devices on your network. The ports are already open by default on the sensor, so you must ...