How should a customer reliably deliver Stackdriver logs from GCP to their on-premises SIEM system?

How should a customer reliably deliver Stackdriver logs from GCP to their on-premises SIEM system?
A . Send all logs to the SIEM system via an existing protocol such as syslog.
B. Configure every project to export all their logs to a common BigQuery DataSet, which will be queried by the SIEM system.
C. Configure Organizational Log Sinks to export logs to a Cloud Pub/Sub Topic, which will be sent to the SIEM via Dataflow.
D. Build a connector for the SIEM to query for all logs in real time from the GCP RESTful JSON APIs.

Answer: C

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments