steampipe plugin install gcp

Table: gcp_monitoring_alert_policy - Query Google Cloud Monitoring Alert Policies using SQL

Google Cloud Monitoring Alert Policies are a part of Google Cloud's operations suite that enables users to define conditions under which alerts are triggered. These alerts notify about specific events occurring in your Google Cloud environment. Alert policies are used to monitor resources, services, and applications running on Google Cloud.

Table Usage Guide

The gcp_monitoring_alert_policy table provides insights into alert policies within Google Cloud Monitoring. As a DevOps engineer or a system administrator, you can explore policy-specific details through this table, including conditions, enabled status, and associated notification channels. Utilize it to uncover information about alert policies, such as those with specific conditions, the notification channels associated with each policy, and the verification of policy status.

Examples

Basic info

Explore which monitoring alert policies are enabled in your Google Cloud Platform. This can help you assess the current alerting configuration and discover any potential gaps in your monitoring strategy.

select
display_name,
name,
enabled,
documentation ->> 'content' as doc_content,
tags
from
gcp_monitoring_alert_policy;
select
display_name,
name,
enabled,
json_extract(documentation, '$.content') as doc_content,
tags
from
gcp_monitoring_alert_policy;

Get the creation record for each alert policy

Discover the segments that show when and by whom each alert policy was last modified. This can be particularly useful for auditing purposes or to track changes in alert policies over time.

select
display_name,
name,
creation_record ->> 'mutateTime' as mutation_time,
creation_record ->> 'mutatedBy' as mutated_by
from
gcp_monitoring_alert_policy;
select
display_name,
name,
json_extract(creation_record, '$.mutateTime') as mutation_time,
json_extract(creation_record, '$.mutatedBy') as mutated_by
from
gcp_monitoring_alert_policy;

Get the condition details for each alert policy

Discover the specifics of each alert policy, including the filter details and threshold values. This allows for a comprehensive understanding of the alert triggers, aiding in effective monitoring and management.

select
display_name,
con ->> 'displayName' as filter_display_name,
con -> 'conditionThreshold' ->> 'filter' as filter,
con -> 'conditionThreshold' ->> 'thresholdValue' as threshold_value,
con -> 'conditionThreshold' ->> 'trigger' as trigger
from
gcp_monitoring_alert_policy,
jsonb_array_elements(conditions) as con;
select
display_name,
json_extract(con.value, '$.displayName') as filter_display_name,
json_extract(con.value, '$.conditionThreshold.filter') as filter,
json_extract(con.value, '$.conditionThreshold.thresholdValue') as threshold_value,
json_extract(con.value, '$.conditionThreshold.trigger') as trigger
from
gcp_monitoring_alert_policy,
json_each(conditions) as con;

Control examples

Schema for gcp_monitoring_alert_policy

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
combinertextHow to combine the results of multiple conditions to determine if an incident should be opened.
conditionsjsonbA list of conditions for the policy.
creation_recordjsonbA read-only record of the creation of the alerting policy.
display_nametext!=, =A short name or phrase used to identify the policy in dashboards, notifications and incidents.
documentationjsonbDocumentation that is included with notifications and incidents related to this policy.
enabledboolean!=, =Indicates whether the policy is enabled, or not.
locationtextThe GCP multi-region, region, or zone in which the resource is located.
mutation_recordjsonbA read-only record of the most recent change to the alerting policy.
nametext=The resource name for this policy.
notification_channelsjsonbIdentifies the notification channels to which notifications should be sent when incidents are opened or closed or when new violations occur on an already opened incident.
projecttext=, !=, ~~, ~~*, !~~, !~~*The GCP Project in which the resource is located.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
tagsjsonbA map of tags for the resource.
titletextTitle of the resource.
user_labelsjsonbUser-supplied key/value data to be used for organizing and identifying the AlertPolicy objects.
validityjsonbRead-only description of how the alert policy is invalid.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- gcp

You can pass the configuration to the command with the --config argument:

steampipe_export_gcp --config '<your_config>' gcp_monitoring_alert_policy