Skip to the main content.

Why Netenrich

Digital Pulse: A Book by our CEO

Digital-Tone-An-Entrepreneurs-Guide-to-Security-Operations-That-Actually-Work

Partner Programs

Technology Partners

Native to the Google Ecosystem
Chronicle gRPC / HTTPS ingestion
Google SecOps Standardization processor
Data Processing Pipeline support
Praxis Otto on Gemini

The Challenge

Forwarders are dying.
Your visibility shouldn't.

Google SecOps Forwarders are being deprecated by the end of 2026 — and the legacy path to Chronicle was never built for insight.

▰ DEADLINE

Forwarder deprecation

Teams running legacy Linux forwarders face a hard 2026 cutover with no obvious, low-risk migration path.

▰ COST

Runaway Chronicle ingest

Raw, unfiltered telemetry inflates ingest and drowns analysts in noise — without a way to trim it intelligently at the edge.

▰ BLINDNESS

No pipeline visibility

Arcane collectors and intermediate relays are black boxes. When an event never reaches Chronicle, no one knows.

The Praxis Solution

From arcane forwarders to a single, observable agent.

Praxis replaces Nxlog agents and the intermediate Linux forwarder with one Praxis Agent — ingesting directly into Google SecOps, zero configuration.

Before · Legacy forwarder

  • Windows endpoints
  • Nxlog agents
  • Linux Chronicle forwarder (relay)
  • Google SecOps

After · Praxis

  • Windows endpoints
  • Praxis Agent — filter, label, standardize
  • Google SecOps (direct ingest)
  • + Full pipeline observability

Use Cases

Three ways Praxis goes deeper for Chronicle.

USE CASE 01

Forwarder Migration Accelerator

Migrate off deprecated Google Forwarders with a zero-configuration approach — replacing arcane collectors and the Linux relay with a single Praxis Agent or Gateway.

Cribl & Bindplane migrate too — but neither shows you what's happening inside the pipeline.

USE CASE 02

Unified Pipeline Management

One rich GUI to design and manage the Google SecOps data processing pipeline — at source, processor, and destination. Import what you run, edit visually, publish back.

Otto designs your pipeline. No console hand-editing or raw API calls.

USE CASE 03

Intelligent Routing & Retention

Route critical signal natively to Google SecOps and high-volume or benign data to Google Cloud Storage for cost-effective long-term retention — from one canvas.

Everyone routes. Only Praxis shows you exactly what's moving where, in real time.

Built for Chronicle

Google SecOps-native capabilities.

SecOps Standardization

Assigns correct log_type, namespace, and ingestion labels so data lands parser-ready.

Native Ingestion

gRPC / HTTPS delivery with durable, disk-backed retry and backpressure handling — no drops.

Data Processing Pipelines

Design and manage Google SecOps DPPs visually — filter, transform, redact before or during ingestion.

AI Regex via Otto

Paste a Chronicle log, describe the capture, and Otto generates the verified parser.

AI Masking

Auto-redact PII, PHI, and credentials before data ever reaches Chronicle.

Sovereign Dual-Write

Critical signal to SecOps, raw archives to on-prem MinIO for data residency.

15min

From legacy forwarder to live in Chronicle.

UDT swapped Nxlog agents and the intermediate Linux forwarder for a single Praxis Agent — direct ingestion into Google SecOps, zero configuration, zero disruption.

Praxis by Netenrich allowed us to migrate our endpoints in under 15 minutes with a zero-configuration approach. For the first time, we gained deep, real-time observability into our entire data pipeline, transforming how we route critical telemetry to Google SecOps.

RR
Richard R. Reynoso
SVP of Managed IT Services, United Data Technologies (UDT)

Beat the forwarder deadline.
See everything in Chronicle.

Watch Praxis migrate a live Google SecOps forwarder in 15 minutes
— with full pipeline observability from day one.