On the Continuous exports tab, you can set up logging for Event Threat Detection and Container Threat Detection findings. Findings are exported to the Cloud Logging project that you select.
To use Cloud Logging export, you must activate Security Command Center at the organization level.
Depending on the quantity of information, Cloud Logging costs can be significant. To understand your usage of the service and its cost, see Google Cloud Observability pricing.
To log findings, do the following:
In the Google Cloud console, go to the Security Command Center page.
Select your organization.
Click
Settings.Click the Continuous Exports tab.
Under Export name, click Logging Export.
Under Sinks, turn on Log Findings to Logging.
Under Logging project, enter or search for the project where you want to log findings.
Click Save.
When Event Threat Detection and Container Threat Detection write logs, each log entry includes the threat_detector resource type and contains the same information as findings. For instructions on reviewing logs, see Using Event Threat Detection and Using Container Threat Detection.