Database Activity Monitoring for Google Cloud BigQuery

DataSunrise provides the BigQuery Activity Monitoring solution. It gives an insight for database administrators into who and what is viewing and changing.

The aim of BigQuery Activity Monitoring is the continuous tracking of transactions and alerting of hacking and potentially dangerous attempts. By revealing fraudulent activity even of privileged users and cyber attacks, you can protect sensitive data. Moreover, collected logs can not be deleted or changed by evildoers.

Activity Monitoring for BigQuery detects SQL injections. It differentiates the normal and malicious transactions in real-time. With the help of learning rules, it identifies typical user queries and reveals anomalies. Even if they are not specifically against policy.

Google Cloud BigQuery monitoring solution collects detailed logs on database activity which is suitable for further analysis. It automatically analyzes data and provides understandable reports which can be useful during cybercrime investigation. Also, there is an opportunity to switch on notifications and add email addresses to receive alerts on fraudulent activities.

Logs contain the following information:

• User session data, including host, user, application names, IP addresses, session duration, list of processed queries, etc.
• Detailed event logs: code of the query, result of query execution.
• System data: changes made to the privacy policy, authentication data, privilege assignment, errors occurred.

Integration with SIEM systems such as McAfee, Splunk, IBM Qradar and others is available for real-time alert analysis. Alerting on non-typical operations enables administrators timely respond to malicious activities. It relieves them from the necessity of looking for suspicious activity among all other transactions.

Be sure that all users’ actions are under your control and your data is safe with DataSunrise Activity Monitoring for BigQuery.