Follow this step by step guide to get 'logs' from your system to Logit.io:
Step 1 - Confirm Google Operations Logs
First, confirm your logs are located in your project by visiting the logs viewer section on Google Cloud Platform.
Step 2 - Export Logs to Google Pub/Sub
Having located the logs you wish to export, choose the option to CREATE SINK. You will be prompted with the following options. Choose the Cloud PubSub topic option.
You will be then be prompted for:
- Sink name
- Sink Service (choose Pub/Sub)
- Sink Destination (choose create new Cloud Pub/Sub topic)
Once you've entered these details choose create sink. This will ensure that the logs you have specified are directed to the Pub/Sub sink
Step 3 - Create Google Pub/Sub
Locate your newly created Pub/Sub topic.
On your topic, click the ellipsis to the right.
Enter a suitable subscription ID and make sure delivery type is set to pull.
Scroll to the bottom of the page and press create.
Step 4 - Create Service Account
Visit service accounts and choose the project you want to add the service account to. This will be used to retrieve logs from the GooglePubSub and send to Logstash.
Select create a new service account.
Give your service account a name and add the relevant Pub/Sub permissions for the service account.
Now we need to create a key for the service account, this will be used by Logstash to access the service account in order to retrieve logs.
Click into the newly created service account.
Choose the option to add a key and then select create a key option, remember to download the service key as json when prompted.
Step 5 - Configuring Logstash
To start pulling Logs from the Google Cloud Platform pub/sub to your Stack a Logit.io engineer will configure the Logstash input for you. You can share the following details with our engineers securely over intercom using the button below.
project_id => The complete ID of your project topic => The name of the topic you created subscription => The name of the subscription you created json_key_file => The json key file for your service account.
Step 6 - Check Logit.io for your logs
Now you should view your data:
If you don't see logs take a look at How to diagnose no data in Stack below for how to diagnose common issues.
Step 7 - Google Operations Logging Overview
Google Operations (also formerly known as Google Stackdriver) is a logging platform that was acquired by Google in 2014. This move represented Google’s aims to centralise all of their closely related logging products and services under the same umbrella in Google Operations.
Google Operations allows users to search, analyse and monitor metrics from your Google Cloud services. The platform can also be used for hosted uptime probes & application instrumentation.
Google Operations creates JSON formatted log files that require ingesting & parsing for users to gain actionable insights from this data. Logstash can be used to parse attributes from JSON-formatted log files for processing in an ELK based log management system.
While many users of Google Cloud Platform may prefer using the cloud monitoring capabilities of this platform, Logit.io provides an alternative log management solution that also extends to managing not only GCP logs but also AWS, Azure & hundreds of other log data sources.
The Logit.io platform makes correlating the performance of your Google operations logs easy. We offer hosted Logstash to make automatically collecting all of your GCP logs seamless. Our Google Operations log file analyser can be used as part of our centralised log management platform to manage your data & monitor your cloud security.
If you require any assistance with analysing your Google Operations logs we're here to help. Feel free to reach out by getting in contact with us via live chat & we'll be happy to help you get started with managing your logs.