Tags: google-cloud-platform, google-cloud-storage, google-cloud-logging, google-cloud-monitoring

How to do logging & monitoring on Google Cloud Storage buckets with IAM users


I want to create an alerting mechanism for GCS bucket events: when users within my organization or my IAM users do anything on buckets, like downloading, updating, or deleting any object, I should get an alert, but I have no idea how I am supposed to do this.

So far I have managed to create an alert: if a user deletes or creates anything, I get an alert on my Slack channel,

but I have no idea how to implement the above-mentioned use case.


Solution

  • You have to activate the audit logs on Cloud Storage (be careful: it can generate a lot of logs and therefore cost a lot; use with caution).

    Then you can do what you want with your logs:

    • Create a log-based metric and then an alert on that metric (logs with read, write, delete operations)
    • Create a Cloud Logging sink to send messages to Pub/Sub, to script the action on each event (send an email, send a Slack message, ...)
    • Create a Cloud Logging sink to BigQuery and perform a periodic query followed by a formatted email with the query result, to have a periodic report
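
The Pub/Sub sink option above, as an added example that is not part of the original answer: a handler that decodes the audit log entry carried in each Pub/Sub message and builds one alert line for object reads, writes and deletes, including denied attempts. `send` is a hypothetical hook standing in for a Slack webhook call, and `make_message` builds a constructed sample message.

```python
import base64
import json

# Object-level method names as they appear in Cloud Storage audit logs.
# "storage.objects.get" is only logged once Data Access audit logs are enabled.
WATCHED_METHODS = {"storage.objects.get", "storage.objects.create",
                   "storage.objects.update", "storage.objects.delete"}


def decode_log_entry(pubsub_message):
    """Return the LogEntry dict a logging sink placed in the base64 'data' field."""
    return json.loads(base64.b64decode(pubsub_message["data"]).decode("utf-8"))


def build_alert(entry):
    """Return alert text for a watched object operation, or None to stay silent."""
    payload = entry.get("protoPayload", {})
    method = payload.get("methodName")
    if payload.get("serviceName") != "storage.googleapis.com" or method not in WATCHED_METHODS:
        return None
    who = payload.get("authenticationInfo", {}).get("principalEmail", "unknown principal")
    # Empty status means success; a non-zero code (7 = PERMISSION_DENIED) is a failed call.
    code = payload.get("status", {}).get("code", 0)
    outcome = "ok" if code == 0 else f"failed, status {code}"
    resource = payload.get("resourceName", "unknown resource")
    return f"[GCS audit] {method} by {who} on {resource} ({outcome}, {entry.get('timestamp')})"


def handle(pubsub_message, send=print):
    """Entry point per message; 'send' is a hypothetical hook for a Slack webhook call."""
    text = build_alert(decode_log_entry(pubsub_message))
    if text:
        send(text)
    return text


def make_message(method, code=0):
    """Constructed sample: a Pub/Sub message wrapping a minimal audit LogEntry."""
    payload = {"serviceName": "storage.googleapis.com", "methodName": method,
               "resourceName": "projects/_/buckets/example-bucket/objects/report.csv",
               "authenticationInfo": {"principalEmail": "alice@example.com"},
               "status": {"code": code} if code else {}}
    entry = {"timestamp": "2024-01-01T00:00:00Z", "protoPayload": payload}
    return {"data": base64.b64encode(json.dumps(entry).encode("utf-8")).decode("ascii")}


if __name__ == "__main__":
    handle(make_message("storage.objects.get"))        # successful download
    handle(make_message("storage.objects.delete", 7))  # denied delete attempt
```

Alerting on failed calls as well as successful ones surfaces denied access attempts, which the log-based metric approach would miss if its filter only matched successful operations.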