To run this collector, there are some configurations detailed below that you need to take into account.
Configuration
Details
GPC console
You have the right credentials to access the GCP console.
Perimissions
You have to be the owner of the account or have administrator’s permissions in the GCP console.
Delegated email
You need to have a delegated email with the right permissions. Refer to Google documentation to know how to do it.
Info
Refer to the Vendor setup section to know more about these configurations.
Overview
Workspace is Google’s suite of products that includes email, calendar, driver, meet, and other collaboration solutions. This collector provides the possibility to integrate Google Workspace with the Devo Platform making it easy to query and analyze the relevant data from Workspace, view it in the pre-configured Activeboards, or customize them to enable Enterprise IT and Cybersecurity teams to make impactful data-driven decisions.
...
Release
Released on
Release type
Details
Recommendations
v1.2.0
Status
colour
Purple
title
NEW FEATURE
Status
colour
Green
title
IMPROVEMENT
New features:
We added to the Alerts puller the feature to restart the persistence when the config start_time is updated at service level.
Improvements:
The performance has been improved after switching the internal delivery method. The events are delivered in batches instead of one by one.
Update
v1.3.0
Status
colour
Purple
title
NEW FEATURE
New features:
Added new alert types:
Data Loss Prevention
Apps outage
Primary admin changed
SSO profile added
SSO profile updated
SSO profile deleted
Super admin password reset
Update
v1.4.1
Status
colour
Green
title
IMPROVEMENT
Improvements:
Upgraded underlay Devo Collector SDK from v1.1.4 to v1.4.1.
The resilience has been improved with a new feature that restart the collector when the Devo connections is lost and it cannot be recovered.
When an exception is raised by the Collector Setup, the collector retries after 5 seconds. For consecutive exceptions, the waiting time is multiplied by 5 until hits 1800 seconds, which is the maximum waiting time allowed. No maximum retries are applied.
When an exception is raised by the Collector Pull method, the collector retries after 5 seconds. For consecutive exceptions, the waiting time is multiplied by 5 until hits 1800 seconds, which is the maximum waiting time allowed. No maximum retries are applied.
When an exception is raised by the Collector pre-pull method, the collector retries after 30 seconds. No maximum retries are applied.
Updated the underlying DevoSDK package to v3.6.4 and dependencies, this upgrade increases the resilience of the collector when the connection with Devo or the Syslog server is lost. The collector is able to reconnect in some scenarios without running the self-kill feature.
Support for stopping the collector when a GRACEFULL_SHUTDOWN system signal is received.
Re-enabled the logging to devo.collector.out for Input threads.
Improved self-kill functionality behavior.
Added more details in log traces.
Added log traces for knowing system memory usage.
Update
v1.4.2
Status
colour
Red
title
BUG FIX
Bugs fixes:
Fixed a bug that prevented Syslog output from being enabled.
Update
v1.5.0
Status
colour
Green
title
IMPROVEMENT
Improvements:
The Google Workspace Collector has been divided into two: Google Workspace Alerts and Google Workspace Reports to improve the user experience.
Added base64 validation: Validates whether the credentials token is in the correct base64 format.
Recommended version
Configuration checklist
Here you will find a brief checklist of the important configurations that need to be done for deploying this collector:
Configuration
Details
GPC console
You have the right credentials to access the GCP console.
Perimissions
You have to be the owner of the account or have administrator’s permissions in the GCP console.
Delegated email
You need to have a delegated email with the right permissions. Refer to Google documentation to know how to do it.
