GCP Logs Monitoring

Your Logging setup can grow exponentially along with your other services.

Following GCP Logging setup checks are performed at a configurable frequency

Network Route Change Log Alerts Should Be Enabled

Ensures that logging and log alerts exist for VPC network route changes.

Network Change Log Alerts Should Be Enabled

Ensures that logging and log alerts exist for VPC network changes.

Firewall Change Log Alerts Should Be Enabled

Ensures that logging and log alerts exist for firewall rule changes.

SQL Configuration Change Log Alerts Should Be Enabled

Ensures that logging and log alerts exist for SQL configuration changes. Project Ownership is the highest level of privilege on a project, any changes in SQL configurations should be heavily monitored to prevent unauthorized changes.

Project Ownership Change Log Alerts Should Be Enabled

Ensures that logging and log alerts exist for project ownership assignments and changes. Project Ownership is the highest level of privilege on a project, any changes in project ownership should be heavily monitored to prevent unauthorized changes.

Audit Configuration Change Log Alerts Should Be Enabled

Ensures that logging and log alerts exist for audit configuration changes. Project Ownership is the highest level of privilege on a project, any changes in audit configuration should be heavily monitored to prevent unauthorized changes.

Storage Permissions Change Log Alerts Should Be Enabled

Ensures that logging and log alerts exist for storage permission changes. Storage permissions include access to the buckets that store the logs, any changes in storage permissions should be heavily monitored to prevent unauthorized changes.

Custom Role Change Log Alerts Should Be Enabled

Ensure that the log metric filter and alerts exist for Custom Role changes.

Cloud Audit Logging Should Be Enabled

Ensure that Cloud Audit Logging is configured properly across all services and all users from a project.

Sinks Should Be Configured For Log Entries

Ensure that sinks are configured for all log entries.

Log Buckets Should Have Retention Policies

Ensure that retention policies on log buckets are configured using Bucket Locks.