🔥 3-day streak
Professional Security Operations Engineer86 / 241
Question 86 of 241

Your SOC is onboarding a new SaaS collaboration platform into Google SecOps. The vendor already appears in Google SecOps as a supported, out-of-the-box (default parser) log source with a documented ingestion API. A detection engineer proposes writing a custom parser from scratch and building a bespoke ingestion pipeline because the team wrote custom parsers for previous integrations. Considering platform operations efficiency and long-term maintainability, what should you recommend?

Reviewed for accuracy · Report an issueNext question