Skip to main content
Ent+
This feature is available as an add-on for the Honeycomb Enterprise plan. Please contact your Honeycomb account team for details.
This processor requires collector version 1.64.0 or newer to send fields to Google SecOps. In older collector versions, namespace and ingestion label fields will be added to telemetry but not parsed in Google SecOps.

Description

The Google SecOps Standardization processor can be used to add the log_type ingestion label, which specifies the appropriate SecOps Parser for your logs.

Supported Types

Configuration

Example Configuration

Configure Google SecOps for Windows events

This example configuration sets logType to “WINEVTLOG”, namespace to “security”, and ingestionLabels to a key-value pair: “environment” and “production”. Standalone Processor: