With the AlienApp for G Suite, you can monitor your Google G Suite (formerly known as Google Apps) activity and detect threats directly from USM Anywhere — providing a single pane of glass for all your security monitoring and compliance needs. This integration gives you the ability to collect this information, extending USM Anywhere threat detection capabilities to Gmail, Google Calendar, and Google Drive (Docs, Sheets, Slides, and Forms).
- Predefined log collection jobs perform scheduled API queries for G Suite logs and USM Anywhere produces normalizedNormalization describes the translation of log file entries received from disparate types of monitored assets into the standardized framework of Event types and sub-types. events from this data.
- The out-of-the-box correlation rules for G Suite events enable USM Anywhere to automatically create alarms, notifying you about suspicious activity in your environment.
- The AlienApp for G Suite includes predefined dashboards that give an overview of G Suite Audit and G Suite Drive to streamline your investigation and incident response processes.
Important: All G Suite environments include access to the Activity API, which provides the basic audit G Suite log data. However, only G Suite Enterprise or G Suite Business include access to the Reports API, which provides to the advanced G Suite log data. If you are a G Suite Basic customer, you cannot collect log data for Google Drive.
For more information about the differences between the G Suite editions, refer to their Support site.
Warning: If the AlienApp fails and there is a message to inform you that it has not been loaded, please contact the AlienVault Technical Support department to solve the problem.
Related Video Content
To view other related training videos, click here.