Versions Compared

Old Version 18

changes.mady.by.user Former user

Saved on

compared with

New Version Current

changes.mady.by.user Borja Moro Moreno

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents
minLevel2
maxLevel2
typeflat

...

Purpose

This Activeboard summarizes information about the most relevant fields contained in GPC Cloud Audit log entries related to GCP Services audited API calls for a selected period of time. It allows you to filter by main log entry fields (Resource Type, Project ID, Service Name, Principal - entity issuing API calls - and Caller IP). The Activeboard is divided into four sections:

  1. Overview

  2. Errors

  3. Data by Main Categories

  4. Data

...

Open Cloud Audit Activeboard

Once you have installed the application, you can access the Activeboard in the following ways:

Go to Exchange in the navigation pane and look for the Activeboard to open it. Click Open.

Image Removed

Go to Activeboards in the navigation pane and use the filter to open the Activeboard you downloaded.

Image Removed
Info

Know more about Activeboards

Refer to Manage and filter Activeboards article to know how to work with Activeboards.

Exploring the Activeboard

When opening the GCP Cloud Audit Activeboard, the information displays in 5 different sections:

  1. Table

...

Expand
title

...

Widget

...

Details

...

Resource Type

...

...

Project ID

...

...

Service

...

...

Principal

...

...

Caller IP

...

...

Line Graphs Grouping Period

Expand
title2. Overview

  • Total number of log entries.

  • Top 3 locations where resources for which API calls have been issued reside.

  • Percentage of log entries by type (Admin Activity, Data Access, System Events, Policy Denied).

  • Percentage of log entries by severity (Default, Debug, Info, Notice, Warning, Error, Critical, Alert, Emergency).

  • Evolution over time of the number of log entries by a type/severity combination.

  • A map locating API calls by CallerIP geo position and the total number of API calls registered for each CallerIP.

  • Top 5 most active public IPv4 CallerIP’s.

Expand
title3. Errors

  • Total number of log entries registering unsuccessful API calls.

  • Percentage of errors vs total number of log entries.

  • Percentage of errors by GCP Cloud Audit error code (mapping between numeric code and its corresponding description implemented for the sake of error interpretation).

  • Evolution over time of unsuccessful API calls by error type.

Expand
title3. Data by Main Categories

A column and a line chart showing Top 5 total number of log entries and their evolution over time, respectively, for the most relevant log entries fields (Resource Type, ProjectID, Service Name, and Method Name).

Expand
title4. Data Table

A table for log entries grouped by Resource Type, ProjectID, Service Name, Principal, CallerIP, and Error Type.

Included widgets

Filters

Resource Type: Select input

Service: Text box input

Caller IP: Text box input

Project ID: Text box input

Principal: Text box input

Line Graphs Grouping Period: Select input

Overview

Total Number of Log Entries: Simple value widget

Log Entries by Type: Pie chart widget

Top 5 Most Active System Processes: Table widget

Log Entries by Top 3 Resources Locations: Column chart widget

Top 5 Log Entries by Severity: Pie chart widget

Top 5 Most Active Public IPv4’s: Table widget

Log Entries by Caller IP Location: Markers map widget

Top 7 Log Entries by Type & Severity Over Time: Line chart widget

Top 5 Most Active Users: Table widget

Top 5 Most Active Public IPv4’s: Table widget

Top 7 Most Active Service Accounts: Table widget

Errors

Top 5 Users with Error in Logged Actions: Table widget

Ok vs Error Log Entries: Pie chart widget

Top 5 SP’s with Error in Logged Actions: Table widget

Top 5 Public IPv4’s with Error in LA’s: Table widget

Top 5 Log Entries by Error Over Time: Line chart widget

Top 5 Log Entries by Error: Pie chart widget

Log Entries with Error: Simple value widget

Top 5 Public IPv4’s with Error in Logged Actions: Table widget

Top 5 Log Entries by Error Over Time: Line chart widget

Data by Main Categories

Top 5 Log Entries by Resource Types: Column chart widget

Top 5 Log Entries by Project ID Over Time: Area chart widget

Top 5 Log Entries by Method: Column chart widget

Top 5 Log Entries by Resource Type Over Time: Area chart widget

Top 5 Log Entries by Service: Column chart widget

Top 5 Log Entries by Method Over Time: Area chart widget

Top 5 Log Entries by Progect ID: Column chart widget

Top 5 Log Entries by Service Over Time: Area chart widget

Data table

Data Groupes by Main Categories: Table widget

Prerequisites

To use thisActiveboard, you must have the following data sources available on your domain:

Open Activeboard

Once you have installed the Activeboard, you can use the Open button at the top right of the card in Exchange to access it and see the different widgets populated with the relevant data. You can also access the Activeboard area via the Navigation pane.

...

Info

Data loading takes too long?

Sometimes some widgets take time to upload the data, it is possible to speed up the process by creating aggregation tasks. Refer to the Aggregation tasks article to learn how to do it.

Use Activeboard

After installing and opening the Activeboard, you can use its widgets to visualize and monitor data. To do this, each widget offers a variety of customization and visualization options. Refer to Using widgets and Using inputs to know them all.