Configuration of G-Suite

NOTE: This URL www.googleapis.com needs to allow from Client’s firewall, so that, this will be accessible from the Collector-Syslog Server (CCE).

Step 1: Go to https://console.cloud.google.com/apis/dashboard and create a Project.

Step 2: Give a name to your project and click on create.

Step 3: Now, select the project you have just created.

Step 4: Go to Library, to enable the API for your project.

Step 5: Search for API SDK in the search bar and select Admin SKD API.

Step 6: Now, click on enable to enable API for the project.

Step 7: Go to search bar, search for Credentials and select Credentials as shown in the figure.

Step 8: Now, go to Create Credentials and select Service Account.

Step 9: Give service account name, service account description accordingly and click on create.

Step 10: Set the role as Basic -> Viewer, then continue and done.

Step 11: Now select the service account that you just created as you can see below.

Step 12: Here, you need to create a new JSON key for that click on Add key -> Create New Key. Create one with JSON then save it as a file. It will be downloaded to your system. Kindly open the file and note down the "client ID" for further use in the process.

Step 13: Now click on save as shown below.

Step 14: Go to https://admin.google.com/ac/home and click on three horizontal lines to see more options as shown below.

Step 15: Go to Security -> API Controls.

Step 16: Scroll down, click on -> Manage Domain wide delegation.

Step 17: Go to Add New, then put the Client ID from the JSON file. For reference -> Remember (Step 12). Also, put https://www.googleapis.com/auth/admin.reports.audit.readonly in the OAuth Scopes. Click -> Authorize.

Step 18:Now, go to Seceon UI à Provisioning à Google Configuration à G-Suite(Add) à Put your mail ID of G-Suite in the username à CCE IP à Browse the JSON file (Reference Step 12)à Save.

End of the Document