A DevOps Engineer is analyzing audit and flow logs to identify anomalies and potential security threats within Google Cloud Platform (GCP). They've opted for SIEM tools to assist in this task. What is the most effective method to integrate SIEM tools with GCP for this purpose?

Real Exam

Install a SIEM agent on each virtual machine (VM) and configure it to send logs directly to the SIEM tool.

Manually export logs from Google Cloud Logging periodically and then import them into the SIEM tool.

Use the Google Cloud Pub/Sub service to stream logs from Google Cloud Logging to the SIEM tool in real-time.

Rely on the built-in integration between Google Cloud Logging and the SIEM tool to automatically forward logs.

Google Professional Cloud DevOps Engineer