Using Logging Tools
Cloud Audit Logs
This course looks at how to use and manage cloud logging on the GCP platform and includes demos from GCP that you can follow along with.
We'll cover writing and listing log entries using gcloud, how you can use the API Explorer to list log entries, and how you can view logs and query log entries using Logs Explorer. We'll then move on to cloud audit logs including an overview of the different types of logs, as well as looking at audit log retention, and how you can view audit logs and export audit logs.
- Write and list log entries with gcloud
- List log entries using API explorer
- View logs in the Logs Explorer
- Learn how to view, export, and retain audit logs
This course is intended for anyone who wants to learn how to use and manage cloud logging on the GCP platform.
To get the most out of this course, you should already have a basic understanding of GCP and know your way around the platform.
Hello and welcome to writing and listing log entries. What we're going to do in this lesson is look at how you can write log entries and at how you can list them using the gcloud tool. Now, cloud logging supports log entries that contain not only structured data but also entries that contain unstructured data.
Structured data, as you might expect, consists of a JSON data structure. An example of structured data will be something like first name, Steve. Unstructured data, however, usually consists of a string of characters. An example of unstructured data might be something like the sky is blue. What we're going to do here is use the gcloud tool to write both a log entry with structured data and a log entry with unstructured data.
To write a log entry with structured data to a log called tomsdatalog we'll use the gcloud logging write command. So let's go ahead and type this out and I'll show you what we're doing here. So we'll start with gcloud logging write. Now this command is going to perform the write to the data log.
Now what I need to do is specify the payload type. So we're going to specify a payload type of JSON. Now if I leave this JSON designator out, this payload type out, cloud logging would interpret this log entry as unstructured. But since we're creating a structured write here we need to specify that payload type.
Now what we'll do here is specify the log we're writing to. So we're writing to tomsdatalog. And then what we'll do is specify the message. And we'll call this a weather entry. And then we'll specify the actual weather type.
So what we're doing here is using the gcloud logging write command with a payload type of JSON to write a structured piece of data to tomsdatalog. That structured data is a weather entry that specifies sunny weather. So we'll go ahead and hit Enter here. And you can see here the log entry was created and we can tell this because we see the created log entry notification.
Now to write a log entry using unstructured data to this same log we could still use the gcloud logging write command but we're gonna do it a little bit differently. Now instead of specifying a payload type we just specify the data. So what we're gonna do here is write this data to our log and the data we're writing is simply a text line that says the sky is blue. What I did here was fail to include the data log.
So let's go back and fill in tomsdatalog. Remember when you write your data, you need to obviously tell the command where you're writing to. So we'll go ahead and hit Enter. And we can see that the log entry was created. So now that we have some log entries written let's list them out using the gcloud tool.
Now to do this I need to use the gcloud logging read command. I need to specify the global resource type and I need to specify the name and the location of my data log. So this command is a little bit longer, so stick with me but I'll explain it as we go here.
So we'll start with gcloud logging read. And then what we're gonna do is specify the global resource type. So we'll start with the quotes and then we need to append this with an and so we can specify the global resource type and the specific log that we're trying to read. And then we'll specify the name and path of tomsdatalog.
Now it resides in my Cloud Academy project so we need to give it the full path. And then it's in the logs folder and then tomsdatalog. And we end it with a quote here. And what this is going to do is read tomsdatalog and spit back everything that's in that log.
So we'll go ahead and hit Enter here. And we can see everything that we've added to this log has been regurgitated back to us. And we can see I've added quite a few different entries to this log, working through different labs and demos. Notice that we have both our structured and unstructured log entries displayed.
So as you can see here with just a short one-line command you can both write and list your log entries using gcloud.
Tom is a 25+ year veteran of the IT industry, having worked in environments as large as 40k seats and as small as 50 seats. Throughout the course of a long an interesting career, he has built an in-depth skillset that spans numerous IT disciplines. Tom has designed and architected small, large, and global IT solutions.
In addition to the Cloud Platform and Infrastructure MCSE certification, Tom also carries several other Microsoft certifications. His ability to see things from a strategic perspective allows Tom to architect solutions that closely align with business needs.
In his spare time, Tom enjoys camping, fishing, and playing poker.