Skip to content

Cloud Operations

Architecture

For an overview of how to design a state of the art multi-account security logging platform in GCP:

Cloud Operations

General Info
  • Cloud Operations Suite consists of multi-cloud monitoring and management products that aggregate metrics, logs, and events
  • A Workspace is the root entity that holds monitoring and configuration information
    • A special project (the "Hosting" project) contains monitoring, configurations, dashboards, uptime checks, etc
    • The Operations workspace acquires the name of the hosting account project.

Products

Cloud Monitoring

General Info
  • Enables to monitor platform/system/application metrics
  • Ingest data into Cloud Logging and you can create different metrics, custom events, monitor for specific metadata changes
  • Built-in monitoring for
    • App Engine flexible
    • App Engine Standard
    • GKE
    • Istio
  • Cloud Monitoring Agent
    • For other services without Cloud Monitoring built in (e.g., GCE)

Cloud Logging

General Info
  • Manage and analyze log data
  • Built-in for
    • App Engine Flexible
    • App Engine Standard
    • GKE
    • Istio
    • Cloud Functions
    • Dataflow
  • Cloud Logging Agent
    • For GCE
    • Based on fluentd
  • Exporting logs
    • Cloud Storage
    • Pub/Sub
    • BigQuery