AlienVault® USM Anywhere™

Viewing Your G Suite Events

Role Availability Read-Only Analyst Manager

With a configured AlienApp for G Suite, USM Anywhere collects, enriches, and analyzes log data from your Google G Suite environment, detecting any suspicious activity, such as login failures and brute forceTechnique or attack method, typically used with authentication, involving an exhaustive procedure that tries all possibilities (for example, to find a valid password), one-by-one. authentications. When USM Anywhere detects a threat, it generates an alarm.

After the USM Anywhere Sensor collects the first G Suite log data and USM Anywhere normalizes the raw data, these events start appearing in the Events page. To provide a more focused view of these events, there are G Suite dashboards available under Dashboards in the top navigation menu.

Note: All G Suite environments include access to the Activity API, which provides the basic audit G Suite log data. However, only G Suite Enterprise or G Suite Business include access to the Reports API, which provides to the advanced G Suite log data. If you are a G Suite Basic customer, you cannot collect log data for Google Drive.

For more information about the differences between the G Suite editions, refer to their Support site.

View one of the G Suite dashboards in USM Anywhere