GCP - Logging Sink Deletion

An attacker may delete a logging sink to avoid detection.

This alert filters Google Cloud Audit Logs for entries whose method name is google.logging.v2.ConfigServiceV2.DeleteSink.

Source table → cloud.gcp
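
The method-name filter described above, applied to newline-delimited JSON audit log entries. This is an added example, not part of the original page or the product's own query. The sample entries are constructed, and the `succeeded` field is extra context beyond the alert's filter.

```python
import json

DELETE_SINK = "google.logging.v2.ConfigServiceV2.DeleteSink"

def find_sink_deletions(lines):
    """Return one finding per audit log entry whose methodName is DeleteSink."""
    findings = []
    for line in lines:
        try:
            entry = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip truncated or non-JSON lines
        payload = entry.get("protoPayload") if isinstance(entry, dict) else None
        if not isinstance(payload, dict) or payload.get("methodName") != DELETE_SINK:
            continue  # not an audit entry, or a different method
        findings.append({
            "timestamp": entry.get("timestamp"),
            "principal": payload.get("authenticationInfo", {}).get("principalEmail"),
            "sink": payload.get("resourceName"),
            "caller_ip": payload.get("requestMetadata", {}).get("callerIp"),
            # Extra context beyond the alert's filter: a missing or zero
            # status code means the call succeeded.
            "succeeded": payload.get("status", {}).get("code", 0) == 0,
        })
    return findings

def _entry(ts, method, sink, who, ip, code=None):
    """Build a constructed audit log line (sample data, not a real log)."""
    return json.dumps({"timestamp": ts, "protoPayload": {
        "serviceName": "logging.googleapis.com", "methodName": method,
        "resourceName": sink,
        "authenticationInfo": {"principalEmail": who},
        "requestMetadata": {"callerIp": ip},
        "status": {"code": code} if code else {}}})

UPDATE_SINK = "google.logging.v2.ConfigServiceV2.UpdateSink"
SINK = "projects/example-project/sinks/audit-export"  # constructed name
SAMPLE_LINES = [
    _entry("2024-01-01T10:00:00Z", DELETE_SINK, SINK, "admin@example.com", "203.0.113.10"),
    _entry("2024-01-01T10:01:00Z", UPDATE_SINK, SINK, "admin@example.com", "203.0.113.10"),
    _entry("2024-01-01T10:02:00Z", DELETE_SINK, SINK, "dev@example.com", "198.51.100.7", code=7),
    json.dumps({"timestamp": "2024-01-01T10:03:00Z", "textPayload": "app log"}),
    '{"timestamp": "2024-01-01T10:04:00Z", "protoPa',  # truncated line
]

if __name__ == "__main__":
    for finding in find_sink_deletions(SAMPLE_LINES):
        print(finding)
```

A denied attempt (the entry with status code 7) is still reported, with `succeeded` set to false, so triage can separate attempts from completed deletions.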

GCP - SQL Database Modification

This alert detects when a Cloud SQL database has been modified or deleted, and when any user has gained privileges on a database or any of its tables.

Source table → cloud.gcp