Google Professional Cloud DevOps Engineer
Get started today
Ultimate access to all questions.
As a member of the DevOps team managing applications in your company's production project, a recent security incident has led to a new requirement: monitoring all network traffic to and from Compute instances within the production VPCs. Despite enabling VPC Flow Logs on the production VPC, no vpc_flows logs appear in Cloud Logging. What could be the reason for this?
As a member of the DevOps team managing applications in your company's production project, a recent security incident has led to a new requirement: monitoring all network traffic to and from Compute instances within the production VPCs. Despite enabling VPC Flow Logs on the production VPC, no vpc_flows logs appear in Cloud Logging. What could be the reason for this?
Explanation:
Option A is incorrect because the service account of the instances is not involved in capturing VPC Flow Logs. Option C is incorrect as there is no specific configuration required to enable VPC Flow Logs. Option D is incorrect because logging inclusion filters do not block logs from being sent. Option B is correct because logging exclusion filters can block specified logs, including VPC Flow Logs. Ensure there are no exclusion rules discarding these logs. Reference: Google Cloud VPC Flow Logs Documentation.