Google Security Operations, was formerly known as Chronicle. Explore Acronis integration with Google Security Operations.
Google Security Operations SIEM is a cloud service, built as a specialized layer on top of core Google infrastructure, designed for enterprises to privately retain, analyze, and search the massive amounts of security and network telemetry they generate. Google Security Operations normalizes, indexes, correlates, and analyzes the data to provide instant analysis and context on risky activity.
This integration is enabled through the Acronis SIEM Connector. The SIEM Connector uses the Acronis agent as a log writer, enabling MSPs to store Acronis Alerts, Events, Activities, and Audit Log on any endpoint in the customer network from where they can be ingested by the SIEM, or send those logs to a syslog server. The Connector supports CEF and JSON log formats.
Integrating Acronis alerts into Google Security Operations (SecOps) provides centralized monitoring, enhancing visibility and correlation of security events for more effective threat detection. This integration streamlines incident response by leveraging Google Security Operations (SecOps) advanced threat detection and analysis capabilities alongside Acronis alert data.
Integrating Acronis alerts into Google Security Operations (SecOps) provides a centralized platform for monitoring and managing security alerts. This consolidation allows the MSP business to have a unified view of potential threats and incidents across all customer accounts, making it easier to prioritize and respond to security events effectively.
Google Security Operations (SecOps) is designed to provide advanced threat detection and analysis capabilities. Correlating Acronis alerts with other security events and logs in Google Security Operations (SecOps) can help the MSP identify patterns and potential threats that might go unnoticed when viewed in isolation.
Thanks to the Acronis SIEM Connector, MSPs have the option to choose specific customers for alert transmission to Google Security Operations (SecOps) SIEM, therefore minimizing unnecessary noise and concentrating solely on the incidents that matter most to them. Additionally, MSPs can select from the pool of 170 Acronis alerts, deciding which ones should be featured in the Google Security Operations (SecOps) SIEM reports.
Acronis supports core event format - CEF (Common Event Format), enabling MSPs to work with the data sent by the integration out of the box. Alerts are pre-formatted on Acronis side and don't require MSP to create any additional rules on SIEM side. Integration is setup only by providing server and client certificates
