Console

Network threat findings

Security Command Center analyzes various logs for potential threats that affect network resources. For recommended responses to these threats, see Respond to network threat findings.

The following log-based detections are available with Event Threat Detection:

Active Scan: Log4j Vulnerable to RCE

Cloud IDS: THREAT_IDENTIFIER

Command and Control: DNS Tunneling

Defense Evasion: VPC Route Masquerade Attempt

Impact: VPC Firewall High Priority Block

Impact: VPC Firewall Mass Rule Deletion

Initial Access: Log4j Compromise Attempt

Log4j Malware: Bad Domain

Log4j Malware: Bad IP

Malware: bad domain

Malware: bad IP

Malware: Cryptomining Bad Domain

Malware: Cryptomining Bad IP

What's next

Learn about Event Threat Detection.
Learn how to respond to network threat findings.
Refer to the Threat findings index.

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025-10-24 UTC.