Difference between revisions of "Datadog SIEM Content Packs for Google Workspace"
Jump to navigation
Jump to search
(→Low) |
|||
| Line 17: | Line 17: | ||
=== Low === | === Low === | ||
| − | Google Workspace admin role created | + | * <code>Google Workspace admin role created</code> |
| − | Google Workspace administrator initiated a data transfer request | + | * <code>Google Workspace administrator initiated a data transfer request</code> |
| − | Google Workspace user assigned administrative role | + | * <code>Google Workspace user assigned administrative role</code> |
| − | Google Workspace user disabled 2-step verification | + | * <code>Google Workspace user disabled 2-step verification</code> |
| − | Google Workspace user forwarding email out of non Google Workspace domain | + | * <code>Google Workspace user forwarding email out of non Google Workspace domain</code> |
| − | Google Workspace user has unenrolled from Advanced Protection | + | * <code>Google Workspace user has unenrolled from Advanced Protection</code> |
| − | Large amount of downloads on Google Drive | + | * <code>Large amount of downloads on Google Drive</code> |
| − | User attempted login with leaked password | + | * <code>User attempted login with leaked password</code> |
== See also == | == See also == | ||
Revision as of 10:57, 9 October 2024
Google Workspace Alert Center
Google Workspace Tor client detected
Google Workspace user assigned super administrative role
Google Workspace user edited account recovery information
Domain added to Google Workspace allowlisted domains
Google Workspace accessed by Google
Google Workspace administrator has disabled 2-step verification for organizational unit
Low
Google Workspace admin role created
Google Workspace administrator initiated a data transfer request
Google Workspace user assigned administrative role
Google Workspace user disabled 2-step verification
Google Workspace user forwarding email out of non Google Workspace domain
Google Workspace user has unenrolled from Advanced Protection
Large amount of downloads on Google Drive
User attempted login with leaked password
See also
- Datadog security: Datadog Cloud SIEM, Content Packs, Datadog Cloud SIEM signals
- Google Workspace, Google Workspace API, Admin SDK API, Super admin, Directory API,
users.list,users.insert, Admin console:admin.google.com, Terraform provider: googleworkspace, Google Workspace: administrator roles, Google Drive, Google Vault, Spaces, Jamboard, Datadog SIEM
Advertising:
