Google Cloud IDS Metrics
Ship your Google Cloud IDS Metrics via Telegraf to your Logit.io Stack
Follow the steps below to send your observability data to Logit.io
Metrics
Configure Telegraf to ship Google Cloud IDS metrics to your Logit.io stacks via Logstash.
Install Integration
Set Credentials in GCP
- Begin by heading over to the 'Project Selector' and selecting the specific project from which you wish to send metrics.
- Progress to the 'Service Account Details' screen. Here, assign a distinct name to your service account and opt for 'Create and Continue'.
- In the 'Grant This Service Account Access to Project' screen, assign the following roles: 'Compute Viewer', 'Monitoring Viewer', and 'Cloud Asset Viewer'.
- Upon completion of the above, click 'Done'.
- Now find and select your project in the 'Service Accounts for Project' list.
- Move to the 'KEYS' section.
- Navigate through Keys > Add Key > Create New Key, and specify 'JSON' as the key type.
- Lastly, click on 'Create', and make sure to save your new key.
Now add the environment variable for the key, set to the path of the JSON key file you saved.
On the machine, run:
export GOOGLE_APPLICATION_CREDENTIALS=<your-gcp-key>
Install Telegraf
This integration allows you to configure a Telegraf agent to send your metrics, in multiple formats, to Logit.io.
Choose the installation method for your operating system:
When you paste the command below into PowerShell, it will download the Telegraf zip file.
Once that is complete, press Enter again and the zip file will be extracted into C:\Program Files\InfluxData\telegraf\telegraf-1.31.2.
Invoke-WebRequest https://dl.influxdata.com/telegraf/releases/telegraf-1.31.2_windows_amd64.zip -UseBasicParsing -OutFile telegraf-1.31.2_windows_amd64.zip
Expand-Archive .\telegraf-1.31.2_windows_amd64.zip -DestinationPath 'C:\Program Files\InfluxData\telegraf'
Configure the Telegraf input plugin
First you need to set up the input plug-in to enable Telegraf to scrape the GCP data from your hosts. This can be accomplished by incorporating the following code into your configuration file:
# Gather timeseries from Google Cloud Platform v3 monitoring API
[[inputs.stackdriver]]
## GCP Project
project = "<your-project-name>"
## Include timeseries that start with the given metric type.
metric_type_prefix_include = [
"@metric_type",
]
## Most metrics are updated no more than once per minute; it is recommended
## to override the agent level interval with a value of 1m or greater.
interval = "1m"
Read more about how to configure data scraping and configuration options for Stackdriver.
Configure the output plugin
Once you have generated the configuration file, you need to set up the output plug-in to allow Telegraf to transmit your data to Logit.io in Prometheus format. This can be accomplished by incorporating the following code into your configuration file:
[[outputs.http]]
url = "https://@metricsUsername:@metricsPassword@@metrics_id-vm.logit.io:@vmAgentPort/api/v1/write"
data_format = "prometheusremotewrite"
[outputs.http.headers]
Content-Type = "application/x-protobuf"
Content-Encoding = "snappy"
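The two plugin sections above, combined into one configuration file as an added example (not Logit.io's own configuration): the stack credentials are taken out of the URL and read from environment variables through the HTTP output's `username` and `password` options, so the file itself holds no secret. `LOGIT_METRICS_USER` and `LOGIT_METRICS_PASS` are assumed variable names; the `<your-project-name>`, `@metric_type`, `@metrics_id` and `@vmAgentPort` placeholders are kept from the page.

```toml
# telegraf-demo.conf (added example, not Logit.io's own configuration).
# Assumed names: LOGIT_METRICS_USER / LOGIT_METRICS_PASS environment variables.
# Placeholders kept from the page: <your-project-name>, @metric_type,
# @metrics_id, @vmAgentPort.

[agent]
  ## Stackdriver metrics update at most once per minute
  interval = "1m"
  flush_interval = "1m"

# Gather timeseries from Google Cloud Platform v3 monitoring API.
# Authenticates with the service account key that
# GOOGLE_APPLICATION_CREDENTIALS points to.
[[inputs.stackdriver]]
  project = "<your-project-name>"
  metric_type_prefix_include = [
    "@metric_type",
  ]
  interval = "1m"

# Ship to the Logit.io stack in Prometheus remote-write format.
[[outputs.http]]
  ## No user:password@ in the URL, so the secret is not stored in this file
  url = "https://@metrics_id-vm.logit.io:@vmAgentPort/api/v1/write"
  data_format = "prometheusremotewrite"

  ## HTTP Basic Auth; Telegraf substitutes ${VAR} from its environment at load
  username = "${LOGIT_METRICS_USER}"
  password = "${LOGIT_METRICS_PASS}"

  ## Give up on an unreachable endpoint instead of blocking the flush
  timeout = "10s"

  [outputs.http.headers]
    Content-Type = "application/x-protobuf"
    Content-Encoding = "snappy"
```

Both variables must be set in the environment of the Telegraf process before it starts. Running Telegraf with `--test` added to the command line gathers the inputs once and prints the metrics without sending them, which checks the service account key before any data leaves the host.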
Start Telegraf
From the location where Telegraf was installed (C:\Program Files\InfluxData\telegraf\telegraf-1.31.2), run the program, providing the chosen configuration file as a parameter:
.\telegraf.exe --config telegraf-demo.conf
Once Telegraf is running you should see output similar to the following, which confirms the inputs, output and basic configuration the application has been started with:
View your metrics
Data should now have been sent to your Stack.
If you don't see metrics, take a look at How to diagnose no data in Stack below for how to diagnose common issues.
How to diagnose no data in Stack
If you don't see data appearing in your stack after following this integration, take a look at the troubleshooting guide for steps to diagnose and resolve the problem or contact our support team and we'll be happy to assist.
Telegraf Google AI Platform metrics Overview
The integration of Telegraf with Google Cloud IDS empowers organizations to monitor and collect metrics related to security threats, providing real-time visibility into intrusion attempts, malware detection, and other security events. This capability is essential for maintaining robust security postures, enabling IT and security teams to respond swiftly to potential threats and ensure the integrity of their cloud environments.
Despite the criticality of these metrics, the complexity and volume of data generated can pose significant analysis and management challenges. Logit.io emerges as a comprehensive solution to these challenges, offering an advanced platform for the efficient processing and analysis of security metrics from Telegraf and Google Cloud IDS.
By leveraging Logit.io, organizations can enhance their security analytics, enabling faster detection and response to potential threats detected by Google Cloud IDS. Our platform not only facilitates the efficient management of security data but also supports compliance and helps in identifying security trends and vulnerabilities within cloud environments.
If you're integrating Telegraf with Google Cloud IDS and seeking to optimize your security data analytics, Logit.io is here to support you. Our platform offers the tools and expertise needed to manage complex security data effectively.
By collecting and reporting metrics from active IDS instances and other relevant sources, Telegraf enables organizations to understand the performance of Google Cloud IDS. After transmitting these metrics from Telegraf to Prometheus in its format, further comprehensive analysis and visualization can be performed using Grafana. This process provides an in-depth understanding of performance patterns and potential issues within Google Cloud IDS.
If you need any further assistance with shipping your log data to Logit.io we're here to help you get started. Feel free to get in contact with our support team by sending us a message via live chat & we'll be happy to assist.