Versions Compared

Old Version 18

changes.mady.by.user Former user

Saved on

compared with

New Version 19

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents
minLevel2
maxLevel2
typeflat

Purpose

This Activeboard summarizes information about the most relevant fields contained in GPC Cloud Audit log entries related to GCP Services audited API calls for a selected period of time. It allows you to filter by main log entry fields (Resource Type, Project ID, Service Name, Principal - entity issuing API calls - and Caller IP). The Activeboard is divided into four sections:

  1. Overview

  2. Errors

  3. Data by Main Categories

  4. Data Tables

Open Cloud Audit Activeboard

Once you have installed the application, you can access the Activeboard in the following ways:

Go to Exchange in the navigation pane and look for the Activeboard to open it. Click Open.

Go to Activeboards in the navigation pane and use the filter to open the Activeboard you downloaded.

Info

Know more about Activeboards

Refer to Manage and filter Activeboards article to know how to work with Activeboards.

Exploring the Activeboard

When opening the GCP Cloud Audit Activeboard, the information displays in 5 different sections:

Expand
title1. GCP Cloud Audit

Widget

Details

Resource Type

Project ID

Service

Principal

Caller IP

Line Graphs Grouping Period

Expand
title2. Overview

  • Total number of log entries.

  • Top 3 locations where resources for which API calls have been issued reside.

  • Percentage of log entries by type (Admin Activity, Data Access, System Events, Policy Denied).

  • Percentage of log entries by severity (Default, Debug, Info, Notice, Warning, Error, Critical, Alert, Emergency).

  • Evolution over time of the number of log entries by a type/severity combination.

  • A map locating API calls by CallerIP geo position and the total number of API calls registered for each CallerIP.

    • Top 5 most active public IPv4 CallerIP’s.

    Widget

    Details

    Image Added

    Total Number of Log Entries

    Image Added

    Log Entries by Top 3 Resources Locations

    Image Added

    Log Entries by Caller IP Location

    Image Added

    Top 5 Most Active Public IPv4’s

    Image Added

    Log Entries by Type

    Image Added

    Top 5 Log Entries by Severity

    Image Added

    Top 7 Log Entries by Type & Severity Over Time

    Image Added

    Top 7 Most Active Service Accounts

    Image Added

    Top 5 Most Active System Processes

    Image Added

    Top 5 Most Active Public IPv4’s

    Image Added

    Top 5 Most Active Users

  • Total number of log entries registering unsuccessful API calls.

  • Percentage of errors vs total number of log entries.

  • Percentage of errors by GCP Cloud Audit error code (mapping between numeric code and its corresponding description implemented for the sake of error interpretation).

    • Evolution over time of unsuccessful API calls by error type.
    Expand
    title3. Errors

    Widget

    Details

    Image Added

    Top 5 Users with Error in Logged Actions

    Image Added

    Top 5 Public IPv4’s with Error in LA’s

    Image Added

    Log Entries with Error

    Image Added

    Ok vs Error Log Entries

    Image Added

    Top 5 Log Entries by Error Over Time

    Image Added

    Top 5 Public IPv4’s with Error in Logged Actions

    Image Added

    Top 5 SP’s with Error in Logged Actions

    Image Added

    Top 5 Log Entries by Error

    Image Added

    Top 5 Log Entries by Error Over Time

    A column and a line chart showing Top 5 total number of log entries and their evolution over time, respectively, for the most relevant log entries fields (Resource Type, ProjectID, Service Name, and Method Name).
    Expand
    title3. Data by Main Categories

    Widget

    Details

    Image Added

    Top 5 Log Entries by Resource Types

    Image Added

    Top 5 Log Entries by Resource Type Over Time

    Image Added

    Top 5 Log Entries by Progect ID

    Image Added

    Top 5 Log Entries by Project ID Over Time

    Image Added

    Top 5 Log Entries by Service

    Image Added

    Top 5 Log Entries by Service Over Time

    Image Added

    Top 5 Log Entries by Method

    Image Added

    Top 5 Log Entries by Method Over Time

    A table for log entries grouped by Resource Type, ProjectID, Service Name, Principal, CallerIP, and Error Type.
    Expand
    title4. Data Table

    Widget

    Details

    Image Added

    Data Groupes by Main Categories

    Note

    Load data takes too long

    Sometimes some widgets take time to upload the data, it is possible to speed up the process by creating aggregation tasks. Refer to Aggregation tasks article to learn how to do it.