Skip to main content

lacework-global-774

Enable Logging and Cloud Monitoring (Automated)

Description

Send logs and metrics to a remote aggregator to mitigate the risk of local tampering in the event of a breach.

Remediation

Using Google Cloud Console:

To enable Logging:

  1. Go to Kubernetes Engine by visiting: https://console.cloud.google.com/kubernetes/list.
  2. Select the cluster with Logging disabled.
  3. Under the details pane, within the Features section, click the pencil icon named Edit logging.
  4. Check the box next to Enable Logging.
  5. In the drop-down Components box, select the components to log.
  6. Click Save Changes, and wait for the cluster to update.

To enable Cloud Monitoring:

  1. Go to Kubernetes Engine by visiting: https://console.cloud.google.com/kubernetes/list.
  2. Select the cluster Logging disabled.
  3. Under the details pane, within the Features section, click the pencil icon named Edit Cloud Monitoring.
  4. Check the box next to Enable Cloud Monitoring.
  5. In the drop-down Components box, select the components to log.
  6. Click Save Changes, and wait for the cluster to update.

Using Command Line:

To enable Logging for an existing cluster, run the following command:

gcloud container clusters update <cluster_name> --zone <compute_zone> --logging=<components_to_be_logged>

See https://cloud.google.com/sdk/gcloud/reference/container/clusters/update#--logging for a list of available components for logging.

To enable Cloud Monitoring for an existing cluster, run the following command:

gcloud container clusters update <cluster_name> --zone <compute_zone> --monitoring=<components_to_be_logged>

See https://cloud.google.com/sdk/gcloud/reference/container/clusters/update#--monitoring for a list of available components for Cloud Monitoring.

References

https://cloud.google.com/stackdriver/docs/solutions/gke/observing
https://cloud.google.com/stackdriver/docs/solutions/gke/managing-logs
https://cloud.google.com/stackdriver/docs/solutions/gke/installing
https://cloud.google.com/sdk/gcloud/reference/container/clusters/update#--logging
https://cloud.google.com/sdk/gcloud/reference/container/clusters/update#--monitoring

Last updated on