Explanation:
The correct answer is C because the Logging sink's service account must have the necessary permissions to write to the Pub/Sub topic. Other options are incorrect for the following reasons: A misconfigured logging filter would still allow some logs to reach Pub/Sub (making D incorrect). Both Cloud Logging and Pub/Sub are global services, rendering A incorrect. Firewall rules do not impact traffic between Logging and Pub/Sub, making B incorrect. For more details, refer to the documentation on exporting Google Cloud data into Elastic Stack with Dataflow templates and routing logs to supported destinations.
Ultimate access to all questions.
No comments yet.
Imagine a company with a GCP organization hosting applications across various GCP projects. These applications send logs to Cloud Logging. The company aims to analyze these logs using third-party software like Elasticsearch. A Logs sink has been configured to direct logs to a Pub/Sub topic, yet no logs are appearing in Elasticsearch. What could be the underlying issue?
A
The Pub/Sub topic is located in a different region than the Logging Sink configuration.
B
A firewall rule is blocking egress traffic to the third-party software.
C
The service account associated with the Logging sink lacks permissions to access the Pub/Sub topic.
D
The logging filter has been incorrectly configured.