Can Panther ingest GCP Security Command Center logs?
QUESTION
Does Panther have native support for GCP Security Command Center logs?
ANSWER
Adding native support for GCP Security Command Center logs is on our radar, but we don't yet have a defined delivery date for this.
Meanwhile, you could create a custom schema for these logs and then use a Data Transport (S3, SQS, Google Cloud Storage, CloudWatch Logs, or Google Cloud Pub/Sub) to ingest them into Panther.
You can define a custom schema via the following methods:
- Inferring from sample logs
- In the Panther Console
- Using the pantherlog CLI tool
- Inferring from S3 data received in Panther
- Inferring from historical S3 data
- Manual creation
You can find all the relevant details in the Custom Logs section of our documentation.
Please reach out to your CSM or Panther Support if you would like to request native support for this log type.