Export Data to Google BigQuery
Set up continuous export of assets, vulnerabilities, and scan results from Mondoo to a Google BigQuery dataset.
Export your Mondoo security data to Google BigQuery so you can run SQL queries across your assets, vulnerabilities, and scan results. BigQuery is ideal for building custom dashboards, running trend analysis, or joining Mondoo data with other datasets in your data warehouse. Once configured, Mondoo automatically exports data approximately every 24 hours.
Requirements
-
The GCP IAM API enabled
-
The GCP BigQuery API enabled
-
The GCP CLI installed
-
Editor or Owner access to the space from which you want to export data
Create a service account for your Google BigQuery integration
To access the data it needs, your BigQuery integration needs a GCP service account. To learn about service accounts, read Understanding service accounts in the Google documentation.
-
Create a new GCP service account for the Mondoo integration to use.
For instructions, read Creating and managing service accounts in the Google documentation.
Note the email address created for the new service account.
-
Create a JSON key for the service account.
For instructions, read Create and manage service account keys in the Google documentation.
Save the JSON file that downloads to your workstation when you create the key. You need it to configure the integration (in the next section below).
Create a BigQuery dataset
Your BigQuery integration needs a GCP BigQuery dataset to which to export data. To learn about BigQuery datasets, read Introduction to datasets in the Google documentation.
-
Create a new GCP BigQuery dataset for the Mondoo integration to use.
For instructions, read Creating datasets in the Google documentation.
-
Assign the "BigQuery Data Editor" and "BigQuery User" roles to the GCP service account you created in the instructions above.
For instructions, read Grant access to a dataset in the Google documentation.
For a description of the permissions that the "BigQuery User" and "BigQuery Data Editor" roles grant, read Understanding roles in the Google documentation.
Add a BigQuery integration
-
In the Mondoo Console, navigate to the space from which you want to export data. In the side navigation bar, select Integrations. Under Exports, select BigQuery.
-
Enter a name for the integration.
-
In the Enter the Dataset ID box, enter your BigQuery dataset's resource ID. To find this value, read Listing datasets in the Google documentation.
-
Under Provide your Google service account config, drag and drop the JSON key file you downloaded earlier, or select the cloud icon to browse for it.
-
Select CREATE INTEGRATION.
Mondoo begins exporting data from your space. When the initial export completes, the status becomes active. Exports then run automatically approximately every 24 hours.
Manage your integration
To view your integration, select BigQuery under Integrations in the side navigation bar, then select the integration.
Trigger a manual export
Exports run approximately every 24 hours. To export immediately, select the SCHEDULE NOW button on the integration detail page.
Statuses
| Status | Meaning |
|---|---|
| active | The integration is healthy and exporting on schedule. |
| error | Mondoo encountered an error during the last export. |
Remove the integration
Select the trash can icon and confirm the deletion. Mondoo stops future exports but does not delete data already exported to BigQuery.