Skip to content

Logging

Architecture

For an overview of how to design a state of the art multi-account security logging platform in GCP:

References

Link Notes
Logging in the Cloud: From Zero to (Incident Response) Hero
  • Annotated slides of a talk which tries to answer questions like "What Should I Be Logging?", "How Specifically Should I Configure it?", and "What Should I Be Monitoring?"
  • Especially interesting since it doesn't cover only AWS, but also GCP and Azure
Best practices for monitoring GCP audit logs Nice primer on GCP audit logs, which covers the structure of GCP audit logs, best practices for using audit logs to monitor GCP security, and how how to export audit logs from GCP.