6
DFIR Investigations – Logs in GCP
By now, you will have noticed the resources and elements that cloud service providers have in common. In this chapter, we dive straight into the security capabilities of Google Cloud Platform (GCP), the log sources that are available, and how we can conduct our investigation. Cloud providers may use common terminology, but the applications and availability of logs may differ from one provider to the next. It is therefore essential to understand which logs will be available during an incident investigation.
In Chapter 3, we briefly introduced specific cloud service offerings within GCP; in this chapter, we will dig deep into some of its core components and digital forensics. This chapter outlines the ...