Commit 91f6d74

amee-sumo, jpipkin1, and shivani-sumo authored
Google Threat Intel Source (c2c) (#6028)
* Google Threat Intel Source (c2c)
* Add link in threat intelligence article
* Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/google-threat-intel-source.md
  Co-authored-by: John Pipkin (Sumo Logic) <jpipkin@sumologic.com>
* Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/google-threat-intel-source.md
  Co-authored-by: John Pipkin (Sumo Logic) <jpipkin@sumologic.com>
* Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/google-threat-intel-source.md
  Co-authored-by: John Pipkin (Sumo Logic) <jpipkin@sumologic.com>
* Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/google-threat-intel-source.md
  Co-authored-by: John Pipkin (Sumo Logic) <jpipkin@sumologic.com>
* Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/google-threat-intel-source.md
  Co-authored-by: John Pipkin (Sumo Logic) <jpipkin@sumologic.com>
* Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/google-threat-intel-source.md
  Co-authored-by: John Pipkin (Sumo Logic) <jpipkin@sumologic.com>

---------

Co-authored-by: John Pipkin <jpipkin@sumologic.com>
Co-authored-by: Shivani Patel <131141852+shivani-sumo@users.noreply.github.com>
1 parent e2f32bf commit 91f6d74

10 files changed: +139 -1 lines changed

Lines changed: 12 additions & 0 deletions
@@ -0,0 +1,12 @@
1+
---
2+
title: Google Threat Intel Source (Collection)
3+
image: https://assets-www.sumologic.com/company-logos/_800x418_crop_center-center_82_none/SumoLogic_Preview_600x600.jpg?mtime=1617040082
4+
keywords:
5+
- c2c
6+
- google-threat-intel-source
7+
hide_table_of_contents: true
8+
---
9+
10+
import useBaseUrl from '@docusaurus/useBaseUrl';
11+
12+
We're excited to announce the release of our new cloud-to-cloud source for Google Threat Intel. This source securely collects alerts from the Google Threat Intel platform and sends them to Sumo Logic for streamlined analysis. [Learn more](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/google-threat-intel-source/).
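
Review bot: The announcement on added line 12 says the source "collects alerts", but this same commit adds the source to about-threat-intelligence.md in the list of collectors used to ingest threat indicators, so the two descriptions do not agree. State here which data the source actually brings in (alerts, indicators, or both) and use the same term in both places. "Securely collects" is also unqualified; either point to what the linked source page says about authentication or drop the adverb.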

cid-redirects.json

Lines changed: 1 addition & 0 deletions
@@ -2969,6 +2969,7 @@
29692969
"/cid/1118": "/docs/integrations/saas-cloud/databricks-audit",
29702970
"/cid/1121": "/docs/integrations/saas-cloud/varonis",
29712971
"/cid/1120": "/docs/integrations/saas-cloud/github-copilot",
2972+
"/cid/1122": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/google-threat-intel-source",
29722973
"/Cloud_SIEM_Enterprise": "/docs/cse",
29732974
"/Cloud_SIEM_Enterprise/Administration": "/docs/cse/administration",
29742975
"/Cloud_SIEM_Enterprise/Administration/Cloud_SIEM_Enterprise_Feature_Update_(2022)": "/docs/cse/administration",
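
Review bot: The new key "/cid/1122" on added line 2972 cannot be confirmed unique from this hunk, because the visible neighbours are already out of numeric order (1118, 1121, 1120) and an earlier definition could sit anywhere in the file. Please search cid-redirects.json for an existing "/cid/1122" before merging, since a duplicate key in a JSON object is usually resolved silently by the parser rather than reported. The target path has no trailing slash, which matches the surrounding entries.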

docs/integrations/product-list/product-list-a-l.md

Lines changed: 1 addition & 1 deletion
@@ -254,7 +254,7 @@ For descriptions of the different types of integrations Sumo Logic offers, see [
254254
| <img src={useBaseUrl('img/integrations/app-development/GitHub.png')} alt="Thumbnail icon" width="50"/> | [GitHub](https://github.com/) | App: <br/>- [GitHub](/docs/integrations/app-development/github/) <br/>- [GitHub Copilot](/docs/integrations/saas-cloud/github-copilot) <br/>Automation integration: [GitHub](/docs/platform-services/automation-service/app-central/integrations/github/) <br/>Cloud SIEM integration: [Github](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/193c791a-bb10-4742-a429-1256535f888b.md#vendors-github) <br/>Collector: [Github Copilot](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/github-copilot-source) <br/>Community app: [Sumo Logic for GitHub Actions](https://github.com/SumoLogic/sumologic-content/tree/master/GitHub/GitHub_Actions) |
255255
| <img src={useBaseUrl('img/integrations/app-development/gitlab.png')} alt="Thumbnail icon" width="50"/> | [GitLab](https://about.gitlab.com/) | App: [GitLab](/docs/integrations/app-development/gitlab/) <br/>Automation integration: [GitLab](/docs/platform-services/automation-service/app-central/integrations/gitlab/) |
256256
| <img src={useBaseUrl('img/integrations/saas-cloud/gmail-icon.png')} alt="Thumbnail icon" width="50"/> | [Gmail](https://www.google.com/gmail/about/) | App: [Gmail Trace Logs](/docs/integrations/saas-cloud/gmail-tracelogs)<br/>Automation integrations: <br/>- [Gmail](/docs/platform-services/automation-service/app-central/integrations/gmail/) <br/>- [Gmail Multiple Mailbox](/docs/platform-services/automation-service/app-central/integrations/gmail-multiple-mailbox/) <br/>Collector: [Gmail Trace Logs Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/gmail-tracelogs-source) |
257-
| <img src={useBaseUrl('img/platform-services/automation-service/app-central/logos/google.png')} alt="Thumbnail icon" width="75"/> | [Google](https://about.google/) | Apps: <br/>- [Google App Engine](/docs/integrations/google/app-engine/) <br/>- [Google BigQuery](/docs/integrations/google/bigquery/) <br/>- [Google Cloud AlloyDB for PostgreSQL](/docs/integrations/google/cloud-alloydb-for-postgresql/) <br/>- [Google Cloud API Gateway](/docs/integrations/google/cloud-api-gateway/) <br/>- [Google Cloud APIs](/docs/integrations/google/cloud-apis/) <br/>- [Google Cloud Armor](/docs/integrations/google/cloud-armor/) <br/>- [Google Cloud Audit](/docs/integrations/google/cloud-audit) <br/>- [Google Cloud Auto Scaler](/docs/integrations/google/cloud-auto-scaler) <br/>- [Google Cloud Backup for GKE](/docs/integrations/google/cloud-backup-for-gke/) <br/>- [Google Cloud BigQuery BI Engine](/docs/integrations/google/cloud-bigquery-bi-engine/) <br/>- [Google Cloud Bigtable](/docs/integrations/google/cloud-bigtable/) <br/>- [Google Cloud Certificate Authority Service](/docs/integrations/google/cloud-certificate-authority-service/) <br/>- [Google Cloud Certificate Manager](/docs/integrations/google/cloud-certificate-manager/) <br/>- [Google Cloud Composer](/docs/integrations/google/cloud-composer/) <br/>- [Google Compute Engine](/docs/integrations/google/compute-engine/) <br/>- [Google Cloud Dataflow](/docs/integrations/google/cloud-dataflow/) <br/>- [Google Cloud Dataproc](/docs/integrations/google/cloud-dataproc/) <br/>- [Google Cloud Dataproc Metastore](/docs/integrations/google/cloud-dataproc-metastore/) <br/>- [Google Cloud Datastore](/docs/integrations/google/cloud-datastore/) <br/>- [Google Cloud Datastream](/docs/integrations/google/cloud-datastream/) <br/>- [Google Cloud Deploy](/docs/integrations/google/cloud-deploy/) <br/>- [Google Cloud Filestore](/docs/integrations/google/cloud-filestore/) <br/>- [Google Cloud Firebase](/docs/integrations/google/cloud-firebase/) <br/>- 
[Google Cloud Firestore](/docs/integrations/google/cloud-firestore/) <br/>- [Google Cloud Firewall](/docs/integrations/google/cloud-firewall/) <br/>- [Google Cloud Fleet Engine](/docs/integrations/google/cloud-fleet-engine/) <br/>- [Google Cloud Functions](/docs/integrations/google/cloud-functions/) <br/>- [Google Cloud Interconnect](/docs/integrations/google/cloud-interconnect/) <br/>- [Google Cloud Load Balancing](/docs/integrations/google/cloud-load-balancing/) <br/>- [Google Cloud Logging](/docs/integrations/google/cloud-logging/) <br/>- [Google Cloud Memorystore for Redis](/docs/integrations/google/cloud-memorystore-for-redis/) <br/>- [Google Cloud Net App Cloud Volumes Service](/docs/integrations/google/cloud-net-app-cloud-volumes-service/) <br/>- [Google Cloud Network Topology](/docs/integrations/google/cloud-network-topology/) <br/>- [Google Cloud Pub Sub](/docs/integrations/google/cloud-pub-sub/) <br/>- [Google Cloud Router](/docs/integrations/google/cloud-router/) <br/>- [Google Cloud Run](/docs/integrations/google/cloud-run/) <br/>- [Google Cloud Security Command Center](/docs/integrations/google/cloud-security-command-center/) <br/>- [Google Cloud Spanner](/docs/integrations/google/cloud-spanner/) <br/>- [Google Cloud SQL](/docs/integrations/google/cloud-sql/) <br/>- [Google Cloud Storage](/docs/integrations/google/cloud-storage/) <br/>- [Google Cloud Tasks](/docs/integrations/google/cloud-tasks/) <br/>- [Google Cloud TPU](/docs/integrations/google/cloud-tpu/) <br/>- [Google Cloud Trace](/docs/integrations/google/cloud-trace/) <br/>- [Google Cloud Traffic Director](/docs/integrations/google/cloud-traffic-director/) <br/>- [Google Cloud Vertex AI](/docs/integrations/google/cloud-vertex-ai/) <br/>- [Google Cloud VPC](/docs/integrations/google/cloud-vpc/) <br/>- [Google Cloud VPN](/docs/integrations/google/cloud-vpn/) <br/>- [Google Kubernetes Engine (GKE)](/docs/integrations/google/kubernetes-engine/) <br/>Automation integrations: <br/>- 
[Chronicle](/docs/platform-services/automation-service/app-central/integrations/chronicle/) <br/>- [Google Chat](/docs/platform-services/automation-service/app-central/integrations/google-chat/) <br/>- [Google Firestore](/docs/platform-services/automation-service/app-central/integrations/google-firestore)<br/>- [Google Cloud IAM](/docs/platform-services/automation-service/app-central/integrations/google-cloud-iam/) <br/>- [Google Safe Browsing](/docs/platform-services/automation-service/app-central/integrations/google-safe-browsing/) <br/>- [Mandiant Advantage Threat intelligence](/docs/platform-services/automation-service/app-central/integrations/mandiant-advantage-threat-intelligence/) <br/>Cloud SIEM integration: [Google](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/45601247-66a5-4c9c-b3af-c422f5b4cbeb.md) <br/>Collectors: <br/>- [Google BigQuery Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/google-bigquery-source/) <br/>- [GCP Metrics Source](/docs/send-data/hosted-collectors/google-source/gcp-metrics-source/) <br/>- [Google Cloud Platform (GCP) Source](/docs/send-data/hosted-collectors/google-source/google-cloud-platform-source/) <br/>- [Mandiant Threat Intel Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/mandiant-threat-intel-source/)<br/>Community app: [Sumo Logic for GCP Balancer Metrics](https://github.com/SumoLogic/sumologic-content/tree/master/GCP/Load_Balancer_Metrics) |
257+
| <img src={useBaseUrl('img/platform-services/automation-service/app-central/logos/google.png')} alt="Thumbnail icon" width="75"/> | [Google](https://about.google/) | Apps: <br/>- [Google App Engine](/docs/integrations/google/app-engine/) <br/>- [Google BigQuery](/docs/integrations/google/bigquery/) <br/>- [Google Cloud AlloyDB for PostgreSQL](/docs/integrations/google/cloud-alloydb-for-postgresql/) <br/>- [Google Cloud API Gateway](/docs/integrations/google/cloud-api-gateway/) <br/>- [Google Cloud APIs](/docs/integrations/google/cloud-apis/) <br/>- [Google Cloud Armor](/docs/integrations/google/cloud-armor/) <br/>- [Google Cloud Audit](/docs/integrations/google/cloud-audit) <br/>- [Google Cloud Auto Scaler](/docs/integrations/google/cloud-auto-scaler) <br/>- [Google Cloud Backup for GKE](/docs/integrations/google/cloud-backup-for-gke/) <br/>- [Google Cloud BigQuery BI Engine](/docs/integrations/google/cloud-bigquery-bi-engine/) <br/>- [Google Cloud Bigtable](/docs/integrations/google/cloud-bigtable/) <br/>- [Google Cloud Certificate Authority Service](/docs/integrations/google/cloud-certificate-authority-service/) <br/>- [Google Cloud Certificate Manager](/docs/integrations/google/cloud-certificate-manager/) <br/>- [Google Cloud Composer](/docs/integrations/google/cloud-composer/) <br/>- [Google Compute Engine](/docs/integrations/google/compute-engine/) <br/>- [Google Cloud Dataflow](/docs/integrations/google/cloud-dataflow/) <br/>- [Google Cloud Dataproc](/docs/integrations/google/cloud-dataproc/) <br/>- [Google Cloud Dataproc Metastore](/docs/integrations/google/cloud-dataproc-metastore/) <br/>- [Google Cloud Datastore](/docs/integrations/google/cloud-datastore/) <br/>- [Google Cloud Datastream](/docs/integrations/google/cloud-datastream/) <br/>- [Google Cloud Deploy](/docs/integrations/google/cloud-deploy/) <br/>- [Google Cloud Filestore](/docs/integrations/google/cloud-filestore/) <br/>- [Google Cloud Firebase](/docs/integrations/google/cloud-firebase/) <br/>- 
[Google Cloud Firestore](/docs/integrations/google/cloud-firestore/) <br/>- [Google Cloud Firewall](/docs/integrations/google/cloud-firewall/) <br/>- [Google Cloud Fleet Engine](/docs/integrations/google/cloud-fleet-engine/) <br/>- [Google Cloud Functions](/docs/integrations/google/cloud-functions/) <br/>- [Google Cloud Interconnect](/docs/integrations/google/cloud-interconnect/) <br/>- [Google Cloud Load Balancing](/docs/integrations/google/cloud-load-balancing/) <br/>- [Google Cloud Logging](/docs/integrations/google/cloud-logging/) <br/>- [Google Cloud Memorystore for Redis](/docs/integrations/google/cloud-memorystore-for-redis/) <br/>- [Google Cloud Net App Cloud Volumes Service](/docs/integrations/google/cloud-net-app-cloud-volumes-service/) <br/>- [Google Cloud Network Topology](/docs/integrations/google/cloud-network-topology/) <br/>- [Google Cloud Pub Sub](/docs/integrations/google/cloud-pub-sub/) <br/>- [Google Cloud Router](/docs/integrations/google/cloud-router/) <br/>- [Google Cloud Run](/docs/integrations/google/cloud-run/) <br/>- [Google Cloud Security Command Center](/docs/integrations/google/cloud-security-command-center/) <br/>- [Google Cloud Spanner](/docs/integrations/google/cloud-spanner/) <br/>- [Google Cloud SQL](/docs/integrations/google/cloud-sql/) <br/>- [Google Cloud Storage](/docs/integrations/google/cloud-storage/) <br/>- [Google Cloud Tasks](/docs/integrations/google/cloud-tasks/) <br/>- [Google Cloud TPU](/docs/integrations/google/cloud-tpu/) <br/>- [Google Cloud Trace](/docs/integrations/google/cloud-trace/) <br/>- [Google Cloud Traffic Director](/docs/integrations/google/cloud-traffic-director/) <br/>- [Google Cloud Vertex AI](/docs/integrations/google/cloud-vertex-ai/) <br/>- [Google Cloud VPC](/docs/integrations/google/cloud-vpc/) <br/>- [Google Cloud VPN](/docs/integrations/google/cloud-vpn/) <br/>- [Google Kubernetes Engine (GKE)](/docs/integrations/google/kubernetes-engine/) <br/>Automation integrations: <br/>- 
[Chronicle](/docs/platform-services/automation-service/app-central/integrations/chronicle/) <br/>- [Google Chat](/docs/platform-services/automation-service/app-central/integrations/google-chat/) <br/>- [Google Firestore](/docs/platform-services/automation-service/app-central/integrations/google-firestore)<br/>- [Google Cloud IAM](/docs/platform-services/automation-service/app-central/integrations/google-cloud-iam/) <br/>- [Google Safe Browsing](/docs/platform-services/automation-service/app-central/integrations/google-safe-browsing/) <br/>- [Mandiant Advantage Threat intelligence](/docs/platform-services/automation-service/app-central/integrations/mandiant-advantage-threat-intelligence/) <br/>Cloud SIEM integration: [Google](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/45601247-66a5-4c9c-b3af-c422f5b4cbeb.md) <br/>Collectors: <br/>- [Google BigQuery Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/google-bigquery-source/) <br/>- [Google Threat Intel Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/google-threat-intel-source/)<br/>- [GCP Metrics Source](/docs/send-data/hosted-collectors/google-source/gcp-metrics-source/) <br/>- [Google Cloud Platform (GCP) Source](/docs/send-data/hosted-collectors/google-source/google-cloud-platform-source/) <br/>- [Mandiant Threat Intel Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/mandiant-threat-intel-source/)<br/>Community app: [Sumo Logic for GCP Balancer Metrics](https://github.com/SumoLogic/sumologic-content/tree/master/GCP/Load_Balancer_Metrics) |
258258
| <img src={useBaseUrl('img/send-data/Google_Workspace_Logo.svg')} alt="Thumbnail icon" width="100"/> | [Google Workspace](https://workspace.google.com/) | App: [Google Workspace](/docs/integrations/google/workspace/install-app-dashboards/) <br/>Automation integrations: <br/>- [Google Alert Center](/docs/platform-services/automation-service/app-central/integrations/google-alert-center/) <br/>- [Google Admin](/docs/platform-services/automation-service/app-central/integrations/google-admin/) <br/>- [Google Drive](/docs/platform-services/automation-service/app-central/integrations/google-drive/) <br/>- [Google Workspace IDP](/docs/platform-services/automation-service/app-central/integrations/google-workspace-idp/) <br/>Collector: [Google Workspace AlertCenter Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/google-workspace-alertcenter/) <br/>- [Google Workspace Apps Audit Source](/docs/send-data/hosted-collectors/google-source/google-workspace-apps-audit-source/) <br/>- [Google Workspace User Inventory Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/google-workspace-source/) |
259259
| <img src={useBaseUrl('img/integrations/webhooks/grafana-oncall-logo.png')} alt="Thumbnail icon" width="50"/> | [Grafana](https://grafana.com/) | Webhook: [Grafana OnCall](/docs/integrations/webhooks/grafana-oncall/) |
260260
| <img src={useBaseUrl('img/integrations/webhooks/gremlin-logo.png')} alt="Thumbnail icon" width="50"/> | [Gremlin](https://www.gremlin.com/) | Webhook: [Gremlin](/docs/integrations/webhooks/gremlin/) |
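
Review bot: Style point on the replaced Google row (line 257): the added "Google Threat Intel Source" item ends with `/)<br/>-`, while the "Google BigQuery Source" item before it and the "GCP Metrics Source" item after it use `/) <br/>-` with a space. Suggest adding the space so the Collectors list is uniform. Because the whole row is a single table line, the one-item addition is hard to spot in the diff; a short mention of the inserted item in the PR description would help later reviewers.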

docs/security/threat-intelligence/about-threat-intelligence.md

Lines changed: 1 addition & 0 deletions
@@ -59,6 +59,7 @@ Sumo Logic provides the following out-of-the-box default sources of threat indic
5959
A Cloud SIEM administrator must first ingest the indicators before they can be used to uncover threats. Indicators can be ingested using:
6060
* **A collector**. See:
6161
* [CrowdStrike Threat Intel Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/crowdstrike-threat-intel-source)
62+
* [Google Threat Intel Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/google-threat-intel-source/)
6263
* [Intel471 Threat Intel Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/intel471-threat-intel-source)
6364
* [Mandiant Threat Intel Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/mandiant-threat-intel-source)
6465
* [STIX/TAXII 1 Client Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/stix-taxii-1-client-source)
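
Review bot: Style point on added line 62: the new link ends with a trailing slash (`.../google-threat-intel-source/`), while the sibling entries in the same list (CrowdStrike, Intel471, Mandiant, STIX/TAXII 1) have none. Suggest dropping the trailing slash here so the list is consistent; the cid-redirects.json entry added in this commit also uses the path without it. Alphabetical placement between CrowdStrike and Intel471 is correct.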
