LoFP LoFP / vpn tunnel being modified or deleted may be performed by a system administrator.

Techniques

Sample rules

Google Cloud VPN Tunnel Modified or Deleted

Description

Identifies when a VPN Tunnel Modified or Deleted in Google Cloud.

Detection logic

condition: selection
selection:
  gcp.audit.method_name:
  - compute.vpnTunnels.insert
  - compute.vpnTunnels.delete