2c. Adding your GCP environment into LogicMonitor
Adding your Google Cloud Platform (GCP) environment into LogicMonitor for monitoring is simple and fast, and includes the following steps:
- Enable the GCP APIs
- Import the GCP DataSources into your LogicMonitor account
- Add your GCP Projects as cloud accounts in LogicMonitor (includes providing keys for a service account with sufficient access that LogicMonitor can use for discovery and monitoring)
Enable the GCP APIs
Prior to adding your GCP environment into LogicMonitor to be monitored, you’ll need to ensure that the following APIs are enabled in your GCP console:
- Compute Engine API
- App Engine Admin API
- Google Cloud SQL API
- Google Cloud Storage API
- Cloud Functions API
- Cloud Resource Manager API **only needed for the permission test
Import the GCP DataSources into your LogicMonitor account
You’ll need to ensure that all of our GCP DataSources are in your account. You can import the following DataSources from Settings | DataSources | Add | From LogicMonitor Repository:
Additionally, the following EventSource should be imported via Settings | EventSources | Add | From LogicMonitor Repository:
- GCP Service Health
Adding a GCP Project into LogicMonitor
Select Add | Cloud account from the Resources page in LogicMonitor
Provide a meaningful name and description, which will determine how your GCP project displays in LogicMonitor. You should additionally configure the Parent group (where do you want this GCP project displaying in the tree?) and add any desired properties. Once you select Next in the wizard, you’ll be prompted to provide permission related information. LogicMonitor uses a GCP Service Account to discover and monitor GCP resources, so next you’ll need to create a Service Account.
Create a Service Account that LogicMonitor can use to discover and monitor your GCP resources
From your GCP console, navigate to IAM & admin | Service accounts, and create a new service account:
Provide a name and description, select create, and then specify ‘Viewer’ permissions for the service account:
Once you’ve added Viewer permissions and hit continue, you’ll need to download a private key for your service account; select the JSON option:
Once you’ve downloaded the key, you’ll need to upload it to LogicMonitor in step 2 of the wizard, along with the project ID (which you can find by selecting the drop down arrow next to the project name in the top navigation bar of your GCP console):
**Note that the permission test will fail if the Cloud Resource Manager API is not enabled.
3. Configure GCP Services to be Monitored
The Auto-Discovery Frequency indicates how often LogicMonitor will check for new GCP resources in your account.
If you specify a Tag Filter, only GCP resources that meet the filter criteria will be added to your LogicMonitor account. Note that:
- You can use glob expressions with the tag filter (e.g. tag value = prod*)
- Resources will be discovered if they one contain or more tags specified with an include operation but not any of the exclude tags
- The tag filter is case sensitive
If you choose to automatically remove dead instances, you can further select whether this should happen immediately or after a specified period of time during which no data is received for the instance. Note that currently, the automatically remove dead instances functionality only applies to terminated GCP instances (i.e. stopped instances will not be auto-deleted).
Disabling alerting for terminated instances ensures you will not receive any alerts once instances are terminated, if they are not scheduled to be automatically deleted.
For example, you might add a GCP tag with a key value pair of monitoring:true to the compute instances you'd like to monitor, and then add a Tag Filter in LogicMonitor such that only compute instances with tags matching monitoring:true are added into monitoring.
4. Enable GCP Billing Monitoring
Opt in to billing monitoring to have LogicMonitor monitor your GCP spend. Detailed instructions here.
After you've added your GCP Account to LogicMonitor, you can force a NetScan to run and detect any new GCP resources in your account by selecting 'Manage' for your GCP Account group in LogicMonitor and then selecting 'save'.
Note: If you manually delete a GCP resource in LogicMonitor and don't change the configuration for discovering instances in your GCP project, that instance will be re-discovered. Make sure to set the automatically remove dead instances field (currently only applies to terminated GCP instances), de-select the appropriate region or service, or add a tag filter to ensure that only GCP resources you'd like to monitor are being discovered.