steampipe plugin install gcp

Table: gcp_logging_exclusion - Query Google Cloud Platform Logging Exclusions using SQL

Google Cloud Platform Logging Exclusions allow users to exclude certain logs from being stored, which can be critical for managing costs, avoiding unnecessary data retention, and adhering to privacy requirements. This service provides a way to set filters on logs based on resource type, log severity, and other attributes. It is an essential part of Google Cloud's logging and monitoring framework.

Table Usage Guide

The gcp_logging_exclusion table provides insights into Logging Exclusions within Google Cloud Platform. As a security analyst or cloud administrator, explore exclusion-specific details through this table, including filters, descriptions, and associated metadata. Utilize it to uncover information about exclusions, such as those with broad filters, the resources affected by exclusions, and the verification of exclusion settings.

Examples

Basic info

Explore which logging exclusions are currently disabled in your Google Cloud Platform (GCP) system. This allows you to identify potential gaps in your logging coverage and rectify them for better system monitoring and security.

select
name,
disabled,
filter,
description
from
gcp_logging_exclusion;
select
name,
disabled,
filter,
description
from
gcp_logging_exclusion;

List of exclusions which are disabled

Explore which logging exclusions are currently disabled in your Google Cloud Platform (GCP) setup. This can help ensure you're capturing all necessary logs for audit and compliance purposes.

select
name,
disabled
from
gcp_logging_exclusion
where
disabled;
select
name,
disabled
from
gcp_logging_exclusion
where
disabled = 1;

Schema for gcp_logging_exclusion

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form, e.g. connection_name.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
create_timetimestamp with time zoneThe creation timestamp of the exclusion
descriptiontextA user-specified, human-readable description of the exclusion
disabledbooleanSpecifies whether the exclusion is disabled, or not. If disabled it does not exclude any log entries.
filtertextAn advanced logs filter that matches the log entries to be excluded
locationtextThe GCP multi-region, region, or zone in which the resource is located.
nametext=The client-assigned identifier, unique within the project
projecttextThe GCP Project in which the resource is located.
titletextTitle of the resource.
update_timetimestamp with time zoneThe last update timestamp of the exclusion

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- gcp

You can pass the configuration to the command with the --config argument:

steampipe_export_gcp --config '<your_config>' gcp_logging_exclusion