You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: pipeline/outputs/chronicle.md
+5-5Lines changed: 5 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -10,21 +10,21 @@ Fluent Bit streams data into an existing Google Chronicle tenant using a service
10
10
11
11
To stream security logs into Google Chronicle, create a [Google Cloud service account](https://cloud.google.com/iam/docs/creating-managing-service-accounts) for Fluent Bit:
12
12
13
-
1. Create a tenant of Google Chronicle
13
+
1. Create a tenant of Google Chronicle.
14
14
15
15
Fluent Bit doesn't create a tenant of Google Chronicle for your security logs, so you must create this ahead of time.
16
16
17
-
1. Retrieve service account credentials
17
+
1. Retrieve service account credentials.
18
18
19
19
The Fluent Bit Chronicle output plugin uses a JSON credentials file for authentication credentials. Download the credentials file by following the instructions for [Creating and Managing Service Account Keys](https://cloud.google.com/iam/docs/creating-managing-service-account-keys).
20
20
21
21
## Configurations parameters
22
22
23
23
| Key | Description | Default |
24
24
| :--- | :--- | :--- |
25
-
|`google_service_credentials`| Absolute path to a Google Cloud credentials JSON file. | Value of the environment variable `$GOOGLE_SERVICE_CREDENTIALS`.|
26
-
|`service_account_email`| Account email associated with the service. Only available if no credentials file has been provided. | Value of environment variable `$SERVICE_ACCOUNT_EMAIL`.|
27
-
|`service_account_secret`| Private key content associated with the service account. Only available if no credentials file has been provided. | Value of environment variable `$SERVICE_ACCOUNT_SECRET`.|
25
+
|`google_service_credentials`| Absolute path to a Google Cloud credentials JSON file. | Value of the environment variable `$GOOGLE_SERVICE_CREDENTIALS`|
26
+
|`service_account_email`| Account email associated with the service. Only available if no credentials file has been provided. | Value of environment variable `$SERVICE_ACCOUNT_EMAIL`|
27
+
|`service_account_secret`| Private key content associated with the service account. Only available if no credentials file has been provided. | Value of environment variable `$SERVICE_ACCOUNT_SECRET`|
28
28
|`project_id`| The project id containing the tenant of Google Chronicle to stream into. | The value of the `project_id` in the credentials file |
29
29
|`customer_id`| The customer id to identify the tenant of Google Chronicle to stream into. The value of the `customer_id` should be specified in the configuration file. |_none_|
30
30
|`log_type`| The log type to parse logs as. Google Chronicle supports parsing for [specific log types only](https://cloud.google.com/chronicle/docs/ingestion/parser-list/supported-default-parsers). |_none_|
0 commit comments