Google Cloud Storage Audit

Google Cloud Storage Audit

Ship audit logs from Google Cloud Storage to Logstash

Install Integration

Please click on the Install Integration button to configure your stack for this source.

Export Logs to Google Pub/Sub

Ensure that you have Cloud Storage Audit Logs configured in GCP (opens in a new tab).

Now we can filter the logs as needed, by clicking on the service name and choosing Show matching entries as shown below.

Filter the logs that we want to export

Read more about how to configure and export logs using the Google Operations Console (opens in a new tab)

Create A Sink

To export the logs choose Create sink as shown below.

Select sink service You will be then be prompted for:

  • Sink details (enter a name)
  • Sink destination (choose Cloud Pub/Sub topic creating a new topic if needed)
  • Choose logs to include in sink (this will have a filter applied already if you filtered the logs above)

Choose Create sink to continue.

Fill in edit sink form

Create Google Pub/Sub

Locate your newly created Pub/Sub topic (opens in a new tab) and choose Create subscription.

Find topic in Topics menu

Enter a suitable Subscription ID and leave the delivery type as pull.

We don't need to change anything further at this stage, scroll to the bottom and choose CREATE to create the Subscription.

Create Service Account

Now in service accounts (opens in a new tab), choose the project you're working with.

Then select CREATE SERVICE ACCOUNT, this account will be used to retrieve logs from the Pub/Sub and send them to Logit.io.

Service accounts screenshot

Name the service account and in step 2 add the role Pub/Sub Subscriber as shown below, then choose DONE.

View new service account

Now choose Manage keys as shown below.

Add key using dropdown

Then choose ADD KEY > Create new key, choosing the recommended JSON format. This will download the JSON key to your machine ready to use in the next step.

Add key using dropdown

Configuring Logstash

To start pulling logs and metrics from the Google Cloud Platform to your Stack you need to configure a Google Cloud Platform Input on your Logit.io Stack.

Go to Dashboard

Logit.io will verify your input before it is applied, we will contact you to confirm when this has been completed.

Launch Logit.io to view your logs

Data should now have been sent to your Stack.

View My Data

If you don't see take a look at How to diagnose no data in Stack below for how to diagnose common issues.

Cloud Storage Logging Overview

Effectively analyzing data is a crucial aspect of maintaining the performance and security of your applications on Google Cloud Platform (GCP). If you're looking to centralize and gain insights from your log data stored in Google Cloud Storage, integrating it with Logit.io can be a game-changer.

Logit.io offers a robust log management and analysis platform that can help you extract valuable insights from your log data. Explore the extensive range of services and tools that GCP offers via our source integrations to make the most of your cloud infrastructure. Additionally, for a holistic approach to data management and application performance, you should consider how Google Cloud Load Balancer can enhance the availability and scalability of your applications.

Discover the seamless integration options within Logit.io's GCP logging (opens in a new tab).