Can I integrate with Google BigQuery API to query Gmail logs from Panther?

Last updated: December 31, 2025

QUESTION

How can I integrate with Google BigQuery API to query Gmail logs from Panther?

ANSWER

The support of the native ingestion of Gmail logs has been introduced in v1.117 of Panther, leveraging the existing Google Workspace integration, as described in the article Does Panther support ingesting Gmail logs?.

However, the following two workarounds also exist:

Export Big Query table data to Google Cloud Storage (GCS), and configure GCS as a Data Transport in Panther. Gmail generates one BigQuery table per day.
BigQuery supports scheduled queries and you could potentially leverage the EXPORT DATA statement to continuously query for new data on the partitioned table itself.