You are setting up Cloud Logging for a new application running on a Compute Engine instance with a public IP address, using a user-managed service account attached to the instance. The required agents are running, but no log entries appear in Cloud Logging. How do you resolve this issue while adhering to Google's recommended practices?