Skip to main content

GCP Metrics Source

icon

The Sumo Logic GCP Metrics Source gives you complete visibility into all Google Cloud Platform (GCP) infrastructure and managed services using an integrated Google Service account.

note

For information on API calls and collected metrics, see the Collected metrics section.

Google Service account

Sumo Logic uses a Google Service Account to connect and make API calls on your behalf to collect metrics.

Consider the following when setting up your project and Service account:

  • The project you want to monitor requires the following enabled: Google Cloud billing, Cloud Monitoring API, the Compute Engine API, and the Cloud Asset API
  • The Service account requires the following roles to enable monitoring: Compute Viewer, Monitoring Viewer, and Cloud Asset Viewer.
  • When creating a GCP Metrics source, you will provide a JSON credentials file downloaded from Google Cloud Platform to enable this connection and collection.

You have two options for service accounts:

  • Create and configure a Service Account and download a JSON authentication file. You will upload this when configuring the GCP Metric source.
  • If one project holds all service accounts, add principals to the project id Sumo Logic will collect metrics from.

Create a Service Account and download JSON authentication

To create and configure a Service Account and download the JSON authentication file:

  1. Visit your Google Cloud project’s credentials page for the project you want to monitor.
  2. Click Create Credentials and select Service account.send-data/service-account.png
  3. Enter a unique name and click Create.send-data/service-account-create.png
  4. Click the Service account on the page to modify roles and download the JSON key.
  5. Click the Permissions tab and add the following roles: Compute Viewer, Monitoring Viewer, and Cloud Asset Viewer.
  6. Click the Keys tab then Add Key.send-data/service-account-keys.png
  7. Select JSON and click Create. You will use the downloaded JSON file when creating the source.

For more information, see Service account credentials.

Add Principals to the Project

If you create and manage all service accounts in one project which is different than the project Sumo Logic will collect metrics from, you need to add the Principal to the project you will collect GCP metrics.

  1. In the project, select IAM in the left navigation.
  2. Click +Add.add-principal.png
  3. Enter the email for the Service Account to add as a principal, for example: server@example.gsserviceaccount.com.
  4. Select a role from the list, or click +Add Another Role as needed.
  5. Click Save.
  6. You will need to make one change in the service account JSON if you have added a Principal. Change the project ID in the downloaded service account key to the projectId value where Sumo Logic will collect the metrics, not the project where the service account was created.

Set up a GCP Metrics source

For information on available metrics, see GCP Metrics.

  1. Select an existing Hosted Collector upon which to add the Source. If you do not already have a Collector you would like to use, create one, using the instructions on Create a Hosted Collector.

  2. In Sumo Logic select Manage Data > Collection > Collection.

  3. Click Add Source next to a Hosted Collector.

  4. Search for and select GCP Metrics.
    gcp-icon.png

  5. Name. Enter a name to display for the new source.

    gcp-metrics-basic.png
  6. Description. Optional description.

  7. Regions. Optional limit to selected Google Cloud regions.

    note

    Some metrics do not include or support a region.

  8. Services. Select one or more of the following Services.

    Click to expand.
    App name
    App Engineappengine.googleapis.com
    Big Querybigquery.googleapis.com
    Bigtablebigtable.googleapis.com
    CloudSQLcloudsql.googleapis.com
    Cloud APIsserviceruntime.googleapis.com
    Cloud Composercomposer.googleapis.com
    Cloud Dataprocdataproc.googleapis.com
    Cloud Filestorefile.googleapis.com
    Cloud Firestorefirestore.googleapis.com
    Cloud Interconnectinterconnect.googleapis.com
    Cloud IoTcloudiot.googleapis.com
    Cloud Load Balancingloadbalancing.googleapis.com
    Cloud Memorystore for Redisredis.googleapis.com
    Cloud Routerrouter.googleapis.com
    Cloud Runrun.googleapis.com
    Cloud Taskscloudtasks.googleapis.com
    Cloud TPUtpu.googleapis.com
    Compute Enginecompute.googleapis.com
    Container Enginecontainer.googleapis.com
    Datastoredatastore.googleapis.com
    Firebasefirebasedatabase.googleapis.com
    Functionscloudfunctions.googleapis.com
    Machine Learningml.googleapis.com
    Pub/Subpubsub.googleapis.com
    Spannerspanner.googleapis.com
    Cloud Logginglogging.googleapis.com
    Storagestorage.googleapis.com
    VPNvpn.googleapis.com
    Networkingnetworking.googleapis.com
    Auto Scalerautoscaler.googleapis.com
    Network Securitynetworksecurity.googleapis.com
    Net Appnetapp.com.googleapis.com
    Cloudvolumes Net Appcloudvolumesgcp-api.netapp.com
    VPN Accessvpcaccess.googleapis.com
  9. Custom Services (Optional). A Custom Service for collecting custom metrics. Click the +Add link to add a custom service using a name (key) and value. For example, enter service1 and custom.googleapis.com/my_cumulative_metric1;custom.googleapis.com/my_cumulative_metric2;.
    gcp-custom-services.png

    note

    Do not use quotes when entering a custom service.

  10. Source Category (Optional). The Source Category value is tagged to each log and stored in a searchable metadata field called _sourceCategory. See our Best Practices: Good Source Category, Bad Source Category. Avoid using spaces so you do not have to quote them in keyword search expressions. This can be a maximum of 1,024 characters.

  11. Fields. Click the +Add link to add custom log metadata Fields, then define the fields you want to associate. Each field needs a name (key) and value. Look for one of the following icons and act accordingly:

    • green check circle.png A green circle with a check mark is shown when the field exists and is enabled in the Fields table schema.
    • orange exclamation point.png An orange triangle with an exclamation point is shown when the field doesn't exist, or is disabled, in the Fields table schema. In this case, an option to automatically add or enable the nonexistent fields to the Fields table schema is provided. If a field is sent to Sumo that does not exist in the Fields schema or is disabled it is ignored, known as dropped.
  12. GCP Access. Upload the JSON Google service account credentials file. This allows Sumo Logic to make API calls to Google Cloud.

  13. Scan Interval. Use the default of 1 minute, or change this value to indicate how frequently Sumo Logic should poll the GCP API. To learn more about polling interval considerations, see GCP Scan Interval below.

  14. Processing Rules. Configure any desired filters, such as allowlist and denylist, as described in Metrics Include and Exclude Rules.

  15. Click Save.

GCP metric visibility

Your GCP metrics will not be immediately available in Sumo Logic. Metrics should be available after a period approximately equal to the metric latency on GCP plus five minutes.

The scan interval indicates the frequency at which Sumo Logic polls metrics, which may take a minute to complete the polling loop for a source. Sumo Logics takes 30 to 120 sections to become searchable on the platform.

GCP scan interval

The scan interval defines how long Sumo Logic waits between calls to the GCP API. This does not affect the number of metric data points collected. If metrics are published to GCP every minute, and you scan every 5 minutes, then each API response would return 5 data points. Decreasing the interval will reduce the number of API calls, which may help with your GCP bill. However, it will also add latency to your GCP Metrics collection.

Google reports GCP metrics at different granularities (1-minute and 5-minute intervals), so setting a scan interval that is too short could lead to excessive querying. Setting an interval that is too long can delay the update frequency of new metrics appearing in Sumo Logic.

Under some circumstances, Sumo Logic automatically increases the scan interval to avoid data loss due to throttling of data by Google Cloud Platform. See Enable and Manage the Audit Index for details.

Costs for using GCP Metric Sources

The monetary costs incurred for your Google accounts is based on the API calls made and amount of data accessed and scanned. Consider your source configuration of services and intervals to reduce costs. The number of collectors does not affect your credits or costs.

Metric ingestion costs include the following:

  • Sumo Logic invokes the List Metric Descriptors and List Monitored Resource Descriptors APIs once per scan.
  • The Number of Timeseries APIs invoked is a function of selected services and the configured scan interval. GCP charges an amount per one million API invocations.

Collected metrics

For details on GCP collected metrics, refer to the Google Cloud metrics documentation.

API Call Optimization for GCP Metrics

The minimum sample period for GCP metrics is 60 seconds, in which only 1 data point is returned with the same value for min, max, sum, avg, and count. To reduce the number of API calls and chance of throttling, Sumo fetches one statistic which reduces five API calls to one with a sample period of 60 seconds. Which statistics will be queries depends on Metric Kind and Value type. For more information, see Google Value types and metric kinds.

Value TypeDELTA Metric KindCUMULATIVE Metric KindGAUGE Metric Kind
INT64MeanDeltaMean
DOUBLEMeanDeltaMean
DISTRIBUTIONSumDeltaSum
BOOLN/AN/ACount

Health Events

Health events are provided for the following:

  • Connection to the GCP server fails: This connection error may be due to incorrect or invalid credentials or the project has been deleted, including incorrect project id, private key, client email, and access.
  • No metric is found to ingest due to source configuration: The source may include a custom service that does not exist or match data (due to typos or incorrect name). Verify your source configuration against available GCP metrics.
  • Throttling or Unavailable: A GCP timeseries query may fail due to the GCP server being throttled or unavailable.

API calls

Sumo Logic makes the following API calls for GCP metrics:

  • List Metric Descriptors
  • List Monitored Resource Descriptors
  • List Time Series

Create Queries and Alerts

With the source collecting metrics from GCP, see Metric Queries and Alerts for more information on queries and alerts.

Legal
Privacy Statement
Terms of Use

Copyright © 2023 by Sumo Logic, Inc.