From 20501c9f5b7c7f0eb923087782db61e9f3b6c6ff Mon Sep 17 00:00:00 2001 From: Miguel Rodriguez Date: Wed, 29 Nov 2023 11:13:07 -0500 Subject: [PATCH 1/2] Add credentials section --- exporter/chronicleexporter/README.md | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/exporter/chronicleexporter/README.md b/exporter/chronicleexporter/README.md index 278b1950e..9d15607f1 100644 --- a/exporter/chronicleexporter/README.md +++ b/exporter/chronicleexporter/README.md @@ -36,7 +36,28 @@ Predefined regions include multiple global locations such as `Europe Multi-Regio ### Log Type -if the `attributes["log_type"]` field is present in the log, and maps to a known chronicle `log_type` the exporter will use the value of that field as the log type. If the `attributes["log_type"]` field is not present, the exporter will use the value of the `log_type` configuration field as the log type. +if the `attributes["log_type"]` field is present in the log, and maps to a known Chronicle `log_type` the exporter will use the value of that field as the log type. If the `attributes["log_type"]` field is not present, the exporter will use the value of the `log_type` configuration field as the log type. + +## Credentials + +This exporter requires a Google Cloud service account with access to the Chronicle API. The service account must have access to the following endpoint(s): + +The base endpoint is `https://malachiteingestion-pa.googleapis.com` + +Alternatively, if a `region` is specified: + +| Region | Endpoint | +| ---------------------------- | ------------------------------------------------------------------- | +| `Europe Multi-Region` | `https://malachiteingestion-pa-europe.googleapis.com` | +| `Frankfurt` | `https://malachiteingestion-pa-europe-west3.googleapis.com` | +| `London` | `https://malachiteingestion-pa-europe-west2.googleapis.com` | +| `Singapore` | `https://malachiteingestion-pa-asia-southeast1.googleapis.com` | +| `Sydney` | `https://malachiteingestion-pa-australia-southeast1.googleapis.com` | +| `Tel Aviv` | `https://malachiteingestion-pa-europe-west4.googleapis.com` | +| `United States Multi-Region` | `https://malachiteingestion-pa.googleapis.com` | +| `Zurich` | `https://malachiteingestion-pa-europe-west6.googleapis.com` | + +For additional information on accessing Chronicle, see the [Chronicle documentation](https://cloud.google.com/chronicle/docs/reference/ingestion-api#getting_api_authentication_credentials). ## Example Configuration From ff021a30555b0987e6cf860194c073b8d3382248 Mon Sep 17 00:00:00 2001 From: Miguel Rodriguez Date: Wed, 29 Nov 2023 11:27:25 -0500 Subject: [PATCH 2/2] Update if -> If --- exporter/chronicleexporter/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exporter/chronicleexporter/README.md b/exporter/chronicleexporter/README.md index 9d15607f1..dbe53546a 100644 --- a/exporter/chronicleexporter/README.md +++ b/exporter/chronicleexporter/README.md @@ -36,7 +36,7 @@ Predefined regions include multiple global locations such as `Europe Multi-Regio ### Log Type -if the `attributes["log_type"]` field is present in the log, and maps to a known Chronicle `log_type` the exporter will use the value of that field as the log type. If the `attributes["log_type"]` field is not present, the exporter will use the value of the `log_type` configuration field as the log type. +If the `attributes["log_type"]` field is present in the log, and maps to a known Chronicle `log_type` the exporter will use the value of that field as the log type. If the `attributes["log_type"]` field is not present, the exporter will use the value of the `log_type` configuration field as the log type. ## Credentials