Product Documentation

Setting up GCP Logs Ingestion

Last updated on 26 January, 2023

The following describes how to send logs from Google Cloud Platform (GCP) to LM Logs for analysis.

Prerequisites

Supported GCP Logs and Resources

LM Logs supports the following resources and log types:

  • GCP audit logs
  • GCP Cloud Composer logs
  • GCP Cloud Function logs
  • GCP Cloud Run logs
  • GCP CloudSQL logs
  • Virtual Machine (VM) instance logs

Installation Instructions

1. At the top right of your Google Cloud account, click Activate Cloud Shell. This opens the Cloud Shell Terminal below the workspace.

2. In the Terminal, run the following commands to select the project.

gcloud config set project [PROJECT_ID]

3. Run the following command to install the integration:

source <(curl -s https://raw.githubusercontent.com/logicmonitor/lm-logs-gcp/master/script/gcp.sh) && deploy_lm-logs

Installing the integration creates these resources:

  • A PubSub topic named export-logs-to-lm and a pull subscription.
  • A Virtual Machine (VM) named lm-logs-forwarder.

Note: You will be prompted to confirm the region where the VM is deployed. This should already be configured within your project.

Configuring the Log Forwarder

1. After the installation script completes, navigate to the Compute Engine > VM Instances and select lm-logs-forwarder.

2. Under Remote access, select SSH.

3. SSH into the VM (lm-logs-forwarder) and run the following command, filling in the values:

export GCP_PROJECT_ID="GCP_PROJECT_ID"
export LM_COMPANY_NAME="LM_COMPANY_NAME"
export LM_ACCESS_ID="LM_ACCESS_ID"
export LM_ACCESS_KEY="LM_ACCESS_KEY" 

source <(curl -s https://raw.githubusercontent.com/logicmonitor/lm-logs-gcp/master/script/vm.sh)

Exporting Logs from Logging to PubSub

You need to create a sink from Logging to the PubSub topic export-logs-to-lm (this was created at installation).

1. In the Logging page, filter the logs that you want to export.

Recommendation: Use the filters to remove logs that contain sensitive information so that they are not sent to LogicMonitor.

2. Click Actions > Create sink and under Sink details, provide a name.

3. Under Sink destination, choose Cloud Pub/Sub as the destination and select export-logs-to-lm. The pub/sub can be located in a different project.

4. Click Create sink. If there are no issues, you should see the logs stream into the Logs page in LogicMonitor.

Removing the Integration

Run the following command to delete the integration and all its resources:

source <(curl -s https://raw.githubusercontent.com/logicmonitor/lm-logs-gcp/master/script/gcp.sh) && delete_lm-logs
In This Article