Integrating Google SecOps with Bindplane January 2025
Google SecOps (formerly Chronicle) is Google Cloud's security operations platform (SIEM) that helps you detect, investigate, and respond to cybersecurity threats. Integrating Bindplane gives you a standardized way to efficiently collect, process, and forward security-relevant data to Google SecOps. In this webinar you'll get a hands-on demo of how to configure log collection with the BindPlane Agent, along with best practices for data standardization using open standards and OpenTelemetry. This lets you focus on the important task of investigating threats in Google SecOps instead of configuring telemetry pipelines.
⏬ Check out more from Bindplane:
https://x.com/bindplane
https://www.linkedin.com/company/bindplane/
https://bindplane.com/
ℹ️ About Bindplane:
Bindplane is a Unified Telemetry Pipeline designed to manage SIEM and Observability costs at scale while enabling enterprises to take back control of their Observability data. Route data from any source to any destination, enabling fast migrations. Standardize on open, vendor-neutral standards with OpenTelemetry. Simplify telemetry infrastructure management at scale. Reduce SIEM and Observability costs by 40% or more.
Chapters
00:00 - Introduction
04:03 - What is Bindplane?
05:15 - Bindplane Architecture
09:37 - Demo Starts
11:01 - Create Bindplane instance in Bindplane Cloud
12:45 - Install BDOT Collector
16:17 - Create configuration to collect and export Windows logs
21:26 - Create a processor for Google SecOps standardization
27:30 - Add Google SecOps as a destination to export Windows logs
33:28 - Add batch processor
36:22 - Query for logs in Google SecOps
42:42 - Make sure to use RAW logs
44:31 - Syslog / UDP / TCP logs
47:45 - What data is stored in Bindplane?
52:28 - More advanced use cases for processors