Traffic Director is Google Cloud's fully managed application networking platform and service mesh. For more details, refer to the GCP documentation.
You can collect the logs for Sumo Logic's Google Cloud Traffic Director integration by following the below steps.
Configure logs collection
- Collect Audit Logs using the Google Cloud Platform source. These Audit Logs can be accessed based on the permissions and roles. To enable logging for Google Traffic Director, refer to Google documentation. For more detail on Traffic Director operations being audited, refer to audited operations. While creating the sync in GCP, as part of the Choose logs to include in sink section, you can use the following query:
(resource.type="audited_resource" AND resource.labels.service=("trafficdirector.googleapis.com" OR "networkservices.googleapis.com" OR "networksecurity.googleapis.com"))
- Collect Platform Logs using the Google Cloud Platform source. Traffic Director log entries can provide important information for troubleshooting your service mesh, including records of successful connections and disconnections, error reports for misconfigured clients, and alerts about API resource conflicts. While creating the sync in GCP, as part of the Choose logs to include in sink section, you can use the following query:
(resource.type=("gateway_scope" OR "mesh") logName="trafficdirector.googleapis.com/events")
Make sure that you replace older api
resource.type=("gateway_scope" or "mesh") with