QUESTION

 Can I ingest Admin Alerts from Google Workspace?

ANSWER

Panther queries the Google Workspace Admin Reports API for its G Suite integration and does not natively support Admin Alerts at this time.

If your Admin Alerts logs are stored in Google Cloud Storage or an AWS S3 bucket, you can create a Custom Schema for this log type. If the logs are in JSON format, you can use the Generate Schema feature to have Panther generate a schema for you.

Please reach out to Panther Support if you would like to request native support for this log type.