Log Streams -> Googleapis (Chronicle)

Help
,
1

Hi, we are trying to post Auth0 Logs using a Custom Webhook Stream to a Google Chronicle.

In the URL, we are using:
https://eu-chronicle.googleapis.com/v1alpha/projects/xxxxxxx/locations/eu/instances/xxxxxxx/feeds/xxxxxxxx:importPushLogs

In authorization token we tried several ways:

X-goog-api-key=XXXXXXX
“X-goog-api-key” : “XXXXXXX”
{“X-goog-api-key” : “XXXXXXX”}

When using this in a python script, it works returning a 200 status:

session.post(https://eu-chronicle.googleapis.com/v1alpha/projects/xxxxxxx/locations/eu/instances/xxxxxxx/feeds/xxxxxxxx:importPushLogs, data=“DINKDOINK1”, headers={“X-goog-api-key”:“XXXXXXXXX”})

But when using it in Auth0, we receive:

“error”: {
“code”: “403”,
“message”: “Forbidden”,
“details”: “{\n "error": {\n "code": 403,\n "message": "Method doesn’t allow unregistered callers (callers w”
}

What should we do?

2

Hi @renato.coneglian , thanks for posting!

I will try to help.

Where do you use this code snippet to call google’s APIs in Auth0? In Actions?

Did you receive this error on the google side?

I think you have to ship the google’s project identifier when calling Google APIs.
So to connect the client (your script used to call Google’s APIs) with some quota/billing related identifier.

Something like GOOGLE_CLOUD_QUOTA_PROJECT =<your project ID>

Please let us now your thoughts!

3

Hi Marcelina! Thanks for the answer.

We are trying to send the logs to Chronicle, so we are configuring a Custom Webhook inside Monitoring → Streams.

This erros are appearing inside the Stream Health tab with a Forbidden status.

image
image494×851 34.2 KB

image
image862×706 35.7 KB

4

Solved by Auth0 Support:

Hello Renato,

Thanks for contacting Auth0 Support, my name is Federico Coppede, glad to assist,

It’s not possible to set custom headers with log streams, if you add your api-key to the authorization token input, it will be sent in the Authorization header.

You could add that key as a query string to your URL as explained here:

https://eu-chronicle.googleapis.com/v1alpha/projects/xxxxxxx/locations/eu/instances/xxxxxxx/feeds/xxxxxxxx:importPushLogs?key=API_KEY

Let me know how that goes,

Thank you!


Federico Coppede
Lead, Developer Support Engineer - LatAm, https://auth0.com

1 Like
5

Thanks so much for sharing!

6

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.