Splunk Releases Add-On for Google Workspace Security Monitoring

By Splunk

As the trend toward having a more distributed labor force working remotely part or full time persists, Splunk continues to see strong customer demand for more visibility into the security of the productivity and collaborative products their employees use. To assist with these requests, we’re excited to announce the release of Splunk Add-On for Google Workspace 2.0. This second major release includes important changes requested by our customers and valuable new functionality. The expanded security monitoring this release enables will help all of our customers quickly up their game.

Splunk Add-On for Google Workspace 2.0 includes these exciting updates and additions:

Gmail: Analyze email metadata to help detect phishing, spoofing, malware distribution, spam, data exfiltration and other email-focused attacks.
Google Drive: Monitor user activity in Google Drive to detect suspicious activity that could indicate abuse or an attack. Get visibility into items such as unsafe content, sensitive document access, suspicious visibility, and access changes.
Google Workspace: View login trends for users and key security events such as leaked passwords, failed logins, blocked logins, and suspended users.
Delegated Authorization: Issue and revoke Oauth tokens.
User Administration: Create, delete, grant, and revoke privileges.
Consumption: Analyze and monitor user logins, authorized apps, locked accounts, and other usage metrics.
Proxy Support: Configure operation behind an HTTP proxy.
Event Splitting: Create more granular events to make searches and detections faster.

By using the new version of Splunk Add-On for Google Workspace, administrators will be better able to detect and quickly mitigate a wider set of potential attacks from phishing, malware distribution, suspicious user activities and user administration. The extended monitoring provides organizations the ability to offer their users more secure critical productivity and collaboration tools from Google Cloud. Splunk always urges customers to monitor user activity in a way that respects user privacy and follows Google privacy safeguards.

You can learn more about Splunk Add-On for Google Workspace in the user documentation.

Splunk is already working on the next update to the integration, which will focus on delivering even more event types prepared for normalized and performant search use cases. Stay tuned for details of our next installment. We hope to see you at .conf22!

----------------------------------------------------
Thanks!
Mark Karlstrand

Splunk

The world’s leading organizations trust Splunk to help keep their digital systems secure and reliable. Our software solutions and services help to prevent major issues, absorb shocks and accelerate transformation. Learn what Splunk does and why customers choose Splunk.

Partners 2 Min Read

Gretchen O’Hara Named to CRN’s 2025 50 Most Influential Channel Chiefs

Gretchen O’Hara, Splunk, a Cisco company’s Vice President of Worldwide Channels and Alliances, has been named to CRN’s prestigious 50 Most Influential Channel Chiefs list for 2025.

Partners 3 Min Read

Accelerating Performance: Three Things Business Leaders Can Learn From the F1

Splunker Craig Bates shares a closer look at what business leaders can learn from the F1.

Partners 2 Min Read

The Power Of The Ecosystem: Intel and Splunk Help Partners Bring Data To Life

Intel and Splunk share a vision and mission focused on enabling our ecosystem and customers to turn data into action and unlock data-driven innovation – learn more at the Intel Vision 2022 event.

About Splunk

The world’s leading organizations rely on Splunk, a Cisco company, to continuously strengthen digital resilience with our unified security and observability platform, powered by industry-leading AI.

Our customers trust Splunk’s award-winning security and observability solutions to secure and improve the reliability of their complex digital environments, at any scale.