Google Stackdriver
Google Stackdriver is a monitoring service that provides IT teams with performance data about applications and virtual machines running on the Google Cloud Platform and Amazon Web Services public cloud. Google Stackdriver performs monitoring, logging and diagnostics to help businesses ensure optimal performance and availability. The service gathers performance metrics and metadata from multiple cloud accounts and allows IT teams to view that data through custom dashboard, charts and reports.
Connect Google StackDriver with Devo SOAR
Google Stackdriver Authentication
We can access Google stackdriver using Google service account credentials. The following details are required for that:
1. Google service account credentials file. This JSON file can be created/downloaded from https://console.cloud.google.com/iam-admin/serviceaccounts.
Navigate to Automations > Integrations.
Search for Google Stackdriver.
Click Details, then the + icon. Enter the required information in the following fields.
Label: Enter a connection name.
Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
Verify SSL: Select option to verify connecting server's SSL certificate (Default is Verify SSL Certificate).
Remote Agent: Run this integration using the Devo SOAR Remote Agent.
Credentials: Google credentials.
After you've entered all the details, click Connect.
Actions for Google StackDriver
Query Logs
Query the stackdriver logs. The following are the inputs needed:
Filter: Filter to be applied on logs. Below is one example of filter: "logName:
projects/project_name/logs/cloudaudit.googleapis.com%2Fdata_access"Max Events: maximum number of logs to be queried.
Input Field
Input: for above filter and maximum events 4
Output
A JSON object containing multiple rows of result.
Release Notes
v2.0.0
- Updated architecture to support IO via filesystem