- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- Administrator's Guide
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
Google Cloud Security Command Center helps you strengthen your security posture by:
Security Command Center uses services, such as Event Threat Detection and Security Health Analytics, to detect security issues in your environment. These services scan your logs and resources in Google Cloud, looking for threat indicators, software vulnerabilities, and misconfigurations. Services are also referred to as sources. For more information, see Security sources.
When these services detect a threat, vulnerability, or misconfiguration, they issue a finding. A finding is a report or record of an individual threat, vulnerability, or misconfiguration that service has found in your Google Cloud environment. Findings show the issue that was detected, the Google Cloud resource that is affected by the issue, and guidance on how you can address the issue.
Before you start, ensure the following APIs are enabled for the projects you want to collect Google Cloud Security Command Center findings for:
A service account must have this role to retrieve findings from the GCP Security Command Center. Logs may not show up due to a permissions denied error if this role is not enabled.
Assign the following role:
NOTE:
If the same project is discovered by multiple service accounts, all attached service accounts must have Security Center Findings Viewer Role added.
Failure to comply with this requirement may result in PermissionDenied errors. We will not be able to collect the Security Findings for this project. Therefore, it is important to ensure that all service accounts have the necessary permissions to access security findings for any project they are associated with.
Google Cloud Security Command Center is included as part of the main Google Cloud Platform integration package. If you haven’t already, follow this doc to set up the Google Cloud Platform integration first.
On the main Google Cloud Platform Integration tile:
Once enabled, your security findings may take up to 1 day to be collected.
Google Cloud Security Command Center findings are collected as logs with the Google Cloud Security Command Center Client API.
Inside the Datadog Log Explorer, find Google Cloud Security Command Center logs with the following filter:
Findings
as the Servicegoogle.security.command.center
as the SourceGoogle Cloud Security Command Center does not include any metrics.
Google Cloud Security Command Center does not include any service checks.
Google Cloud Security Command Center does not include any events.
Need help? Contact Datadog support.
Additional helpful documentation, links, and articles: