After a recent security incident, your startup company seeks to enhance visibility and control over activities within the Google Cloud environment. Specifically, it is crucial to monitor any unexpected changes to firewalls and the creation of new instances. The solution should align with the company's preference for straightforward and easily implementable options. What steps should you take to achieve this?

Exam-Like

Create a log sink to forward Cloud Audit Logs filtered for firewalls and compute instances to Cloud Storage. Use BigQuery to periodically analyze log events in the storage bucket.

17.0%

Use Cloud Logging filters to create log-based metrics for firewall and instance actions. Monitor the changes and set up reasonable alerts.

54.5%

Install Kibana on a compute instance. Create a log sink to forward Cloud Audit Logs filtered for firewalls and compute instances to Pub/Sub. Target the Pub/Sub topic to push messages to the Kibana instance. Analyze the logs on Kibana in real time.

7.1%

Turn on Google Cloud firewall rules logging, and set up alerts for any insert, update, or delete events.

21.4%

Google Associate Cloud Engineer

Get started today

Comments