lacework-global-818
Enable Logging for HTTP(S) Load Balancer (Region Backend) (Automated)
Description
Logging enables a HTTPS Load Balancer to show all network traffic and its destination.
Remediation
From Google Cloud Console:
- From Google Cloud home open the Navigation Menu in the top left.
- Under the Networking heading select Network services.
- Select the HTTPS load-balancer you wish to audit.
- Select Edit then Backend Configuration.
- Select Edit on the corresponding backend service.
- Click Enable Logging.
- Set Sample Rate to a desired value. This is a percentage as a decimal point. 1.0 is 100%.
From Google Cloud CLI:
Run the following command:
gcloud compute backend-services update <service_name> --region=<region> --enable-logging --logging-sample-rate=<percentage_as_a_decimal>
References
https://cloud.google.com/load-balancing/
https://cloud.google.com/load-balancing/docs/https/https-logging-monitoring#gcloud:-global-mode
https://cloud.google.com/sdk/gcloud/reference/compute/backend-services/