Configuration of G-Suite

NOTE: This URL www.googleapis.com needs to allow from Client’s firewall, so that, this will be accessible from the Collector-Syslog Server (CCE).

Step 1: Go to https://console.cloud.google.com/apis/dashboard and create a Project.

Step 2: Give a name to your project and click on create.

Step 3: Now, select the project you have just created.

Step 4: Go to Library, to enable the API for your project.

Step 5: Search for API SDK in the search bar and select Admin SKD API. For Gsuite Gmail permission, We need to Enable ' Gmail API' as well.

Step 6: Now, click on enable to enable API for the project.

Step 7: Go to search bar, search for Credentials and select Credentials as shown in the figure.

Step 8: Now, go to Create Credentials and select Service Account.

Step 9: Give service account name, service account description accordingly and click on create.

Step 10: Set the role as Basic -> Viewer, then continue and done.

Step 11: Now select the service account that you just created as you can see below.

Step 12: Here, you need to create a new JSON key for that click on Add key -> Create New Key. Create one with JSON then save it as a file. It will be downloaded to your system. Kindly open the file and note down the "client ID" for further use in the process.

Step 13: Now click on save as shown below.

Step 14: Go to https://admin.google.com/ac/home and click on three horizontal lines to see more options as shown below.

Step 15: Go to Security -> API Controls.

Step 16: Scroll down, click on -> Manage Domain wide delegation.

Step 17: Go to Add New, then put the Client ID from the JSON file. For reference -> Remember (Step 12). Also, put https://www.googleapis.com/auth/admin.reports.audit.readonly in the OAuth Scopes. Click -> Authorize.

Step 18: For Gsuite Gmail Permission Go to Add New, then put the Client ID from the JSON file.

Also, put

  1. --> https://www.googleapis.com/auth/gmail.readonly

  2. --> https://www.googleapis.com/auth/admin.directory.user

  3. --> https://www.googleapis.com/auth/admin.reports.audit.readonly

  4. – > https://www.googleapis.com/auth/admin.directory.user.readonly
    in the OAuth Scopes. Click -> Authorize.

Step 19: Using this doc get customer ID - https://support.google.com/a/answer/10070793?hl=en

NOTE :--The json key will need to be modified with customer_id by opening it in a text editor like (notepad, vs code etc) as shown in attached screenshot before uploading it to on our UI (i.e. Gsuite's cloud configuration screen)

Step 20:Now, go to Seceon UI -> Provisioning -> Google Configuration -> G-Suite(Add) -> Put your mail ID of G-Suite in the username, CCE IP, Browse the JSON file (Reference Step 12) and Save.

End of the Document