Table: gcp_logging_exclusion - Query Google Cloud Platform Logging Exclusions using SQL
Google Cloud Platform Logging Exclusions allow users to exclude certain logs from being stored, which can be critical for managing costs, avoiding unnecessary data retention, and adhering to privacy requirements. This service provides a way to set filters on logs based on resource type, log severity, and other attributes. It is an essential part of Google Cloud's logging and monitoring framework.
Table Usage Guide
The gcp_logging_exclusion table provides insights into Logging Exclusions within Google Cloud Platform. As a security analyst or cloud administrator, explore exclusion-specific details through this table, including filters, descriptions, and associated metadata. Utilize it to uncover information about exclusions, such as those with broad filters, the resources affected by exclusions, and the verification of exclusion settings.
Examples
Basic info
Explore which logging exclusions are currently disabled in your Google Cloud Platform (GCP) system. This allows you to identify potential gaps in your logging coverage and rectify them for better system monitoring and security.
select name, disabled, filter, descriptionfrom gcp_logging_exclusion;select name, disabled, filter, descriptionfrom gcp_logging_exclusion;List of exclusions which are disabled
Explore which logging exclusions are currently disabled in your Google Cloud Platform (GCP) setup. This can help ensure you're capturing all necessary logs for audit and compliance purposes.
select name, disabledfrom gcp_logging_exclusionwhere disabled;select name, disabledfrom gcp_logging_exclusionwhere disabled = 1;Schema for gcp_logging_exclusion
| Name | Type | Operators | Description |
|---|---|---|---|
| _ctx | jsonb | Steampipe context in JSON form. | |
| akas | jsonb | Array of globally unique identifier strings (also known as) for the resource. | |
| create_time | timestamp with time zone | The creation timestamp of the exclusion | |
| description | text | A user-specified, human-readable description of the exclusion | |
| disabled | boolean | Specifies whether the exclusion is disabled, or not. If disabled it does not exclude any log entries. | |
| filter | text | An advanced logs filter that matches the log entries to be excluded | |
| location | text | The GCP multi-region, region, or zone in which the resource is located. | |
| name | text | = | The client-assigned identifier, unique within the project |
| project | text | =, !=, ~~, ~~*, !~~, !~~* | The GCP Project in which the resource is located. |
| sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
| sp_ctx | jsonb | Steampipe context in JSON form. | |
| title | text | Title of the resource. | |
| update_time | timestamp with time zone | The last update timestamp of the exclusion |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- gcpYou can pass the configuration to the command with the --config argument:
steampipe_export_gcp --config '<your_config>' gcp_logging_exclusion