Skip to main content

lacework-global-818

2.16 Enable Logging for HTTP(S) Load Balancer (Region Backend) (Automated)

Description

Logging enables a HTTPS Load Balancer to show all network traffic and its destination.

Remediation

From Google Cloud Console:

  1. From Google Cloud home open the Navigation Menu in the top left.
  2. Under the Networking heading select Network services.
  3. Select the HTTPS load-balancer you wish to audit.
  4. Select Edit then Backend Configuration.
  5. Select Edit on the corresponding backend service.
  6. Click Enable Logging.
  7. Set Sample Rate to a desired value. This is a percentage as a decimal point. 1.0 is 100%.

From Google Cloud CLI:

Run the following command:

gcloud compute backend-services update <service_name> --region=<region> --enable-logging --logging-sample-rate=<percentage_as_a_decimal>

References

https://cloud.google.com/load-balancing/
https://cloud.google.com/load-balancing/docs/https/https-logging-monitoring#gcloud:-global-mode
https://cloud.google.com/sdk/gcloud/reference/compute/backend-services/

Last updated on