Skip to main content
Panther Knowledge Base

Why are my Google Workspace alerts not ingested by Panther?

  1. Last updated
  2. Save as PDF

QUESTION

Why is my Google Workspace Logs integration with Panther not ingesting high severity alerts?

ANSWER

Panther’s Google Workplace (G Suite) log puller ingests Google Workplace audit logs, but it does not ingest data from G Suite's Alert Center. Some events in Panther may correspond to your Alert Center events if those alerts also generate logs in the Rules Audit Logs.

All data reported in G Suite Console > Reporting > Audit and Investigation, for a specific application, are available in Panther. For example, if you were attempting to locate logs for the “Rules” application, you would see that all logs appearing in your G Suite Admin Console Search Results are also ingested by Panther.

Note: Activity Rules likely generate audit logs, but Reporting rules may not meaning a specific rule might not generate audit logs.

 

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Page type
    Topic
  2. Tags
    This page has no tags.