
Answer-first summary for fast verification
Answer: Logging exclusion filters might be preventing the vpc_flows log from being recorded.
Option A is incorrect because the service account of the instances is not involved in capturing VPC Flow Logs. Option C is incorrect as there is no specific configuration required to enable VPC Flow Logs. Option D is incorrect because logging inclusion filters do not block logs from being sent. Option B is correct because logging exclusion filters can block specified logs, including VPC Flow Logs. Ensure there are no exclusion rules discarding these logs. Reference: [Google Cloud VPC Flow Logs Documentation](https://cloud.google.com/vpc/docs/using-flow-logs#no-vpc-flows).
Author: LeetQuiz Editorial Team
You are a member of the DevOps team managing applications in your company's production project. A recent security incident has led to a new requirement: monitoring all network traffic to and from Compute instances within the production VPCs. Despite enabling VPC Flow Logs on the production VPC, no vpc_flows logs appear in Cloud Logging. What could be the reason for this?
A. The service account for the instances lacks the necessary permissions.
B. Logging exclusion filters might be preventing the vpc_flows log from being recorded.
C. VPC Flow logs were set up incorrectly.
D. Logging inclusion filters could be blocking the vpc_flows log.