You need to provide a subset of Google Cloud logs to an on-premises SIEM while minimizing the risk of data exposure in your cloud environment. What should you do?

Exam-Like

Create a new BigQuery dataset. Stream all logs to this dataset. Provide the on-premises SIEM system access to the data in BigQuery by using workload identity federation and let the SIEM team filter for the relevant log data.

Define a log view for the relevant logs. Provide access to the log view to a principal from your on-premises identity provider by using workforce identity federation.

Create a log sink for the relevant logs. Send the logs to Pub/Sub. Retrieve the logs from Pub/Sub and push the logs to the SIEM by using Dataflow.

Filter for the relevant logs. Store the logs in a Cloud Storage bucket. Grant the service account access to the bucket. Provide the service account key to the SIEM team.

Google Professional Cloud Security Engineer

Get started today

Comments

You need to provide a subset of Google Cloud logs to an on-premises SIEM while minimizing the risk of data exposure in your cloud environment. What should you do?