Skip to content

GLEAN

GLEAN

About

Glean is an AI-powered enterprise search and knowledge management platform designed for workplaces.

Product Details

Vendor URL: GLEAN

Product Type: AI-Powered management platform

Product Tier: Tier III

Integration Method: N/A

Integration URL: N/A

Log Guide: N/A

Parser Details

Log Format: N/A

Expected Normalization Rate: Near 100%

Data Label: GLEAN

UDM Fields (list of all UDM fields leveraged in the Parser):

Log File Field UDM Field
insertId metadata.product_log_id
jsonPayload.actor principal.user.userid
jsonPayload.inferredCountry principal.location.country_or_region
jsonPayload.ipAddress principal.ip
jsonPayload.userActivity.apiPath additional.fields
jsonPayload.userActivity.response.httpStatusCode network.http.response_code
labels.branch additional.fields
labels.commit_hash additional.fields
labels.full_version principal.platform_version
logName additional.fields
resource.labels.cluster_name additional.fields
resource.labels.container_name additional.fields
resource.labels.location principal.location.name
resource.labels.pod_name principal.resource.name
resource.labels.project_id principal.resource.id
resource.type metadata.product_event_type
timestamp metadata.event_timestamp

Product Event Types

Event UDM Event Classification
all GENERIC_EVENT

Log Sample

{"insertId":"abc123xyz789","jsonPayload":{"actor":"john.doe@demo-example.com","inferredCountry":"zz","ipAddress":"10.0.0.0","userActivity":{"apiPath":"/api/v1/search","request":{"getParams":"{\"clientVersion\":[\"fe-release-2024-01-01-demo\"],\"locale\":[\"en\"]}"},"response":{"httpStatusCode":"200"}}},"labels":{"branch":"release-demo-build","commit_hash":"a1b2c3d4e5f678901234567890abcdef12345678","full_version":"\"100.001\""},"logName":"projects/demo-project/logs/audit-log","receiveTimestamp":"2025-01-01T12:00:00.000000Z","resource":{"labels":{"cluster_name":"demo-cluster","container_name":"app-container","location":"us-test1-a","namespace_name":"default","pod_name":"demo-pod-abc123","project_id":"demo-project"},"type":"k8s_container"},"timestamp":"2025-01-01T11:59:59.000000Z"}

Sample Parsing

metadata.product_log_id = "abc123xyz789"
principal.user.userid = "john.doe@demo-example.com"
principal.location.country_or_region = "zz"
principal.ip = "10.0.0.0"
additional.fields = "/api/v1/search"
network.http.response_code = "440"
additional.fields = "release-demo-build"
additional.fields = "a1b2c3d4e5f678901234567890abcdef12345678"
principal.platform_version = "470.111"
additional.fields = "projects/demo-project/logs/audit-log"
additional.fields = "demo-cluster"
additional.fields = "app-container"
principal.location.name = "us-test1-a"
principal.resource.name = "demo-pod-abc123"
principal.resource.id = "demo-project"
metadata.product_event_type = "k8s_container"
metadata.event_timestamp = timestamp