VM scale set doesn't allow Diagnostic settings to be sent to Log Analytics - azure-virtual-machine

I'm working on enabling diagnostic settings for VMSS, and VMSS doesn't offer sending diagnostic logs to a Log Analytics workspace. I went through some links and found that the Windows Diagnostic Extension can achieve this. However, I also read that it supports only Azure Storage and Event Hub and doesn't support a Log Analytics workspace to collect those logs.
I'm aiming to have an ARM template to achieve my objective.
Some links I have gone through are mentioned below:
https://github.com/Azure/azure-quickstart-templates/blob/master/201-vm-diagnostics-extension-windows/azuredeploy.json
https://learn.microsoft.com/en-us/azure/azure-monitor/platform/diagnostics-extension-overview?toc=/azure/virtual-machines/extensions/toc.json
https://www.catapultsystems.com/blogs/azure-resource-manager-templates-part-one-vm-extensions/

https://learn.microsoft.com/en-GB/azure/azure-monitor/platform/collect-custom-metrics-guestos-resource-manager-vmss
This should tell you all you need.
You need to enable a system-assigned identity on the scale set, which the document shows, as well as a new section for the WAD extension.
https://learn.microsoft.com/en-us/azure/azure-monitor/platform/diagnostics-extension-schema-windows#example-configuration
This will help you with the sink setup.

Related

How to query for VM compliance report in Google Cloud Logs Explorer

I am able to see the compliance state for VMs (on which I have applied a custom OS policy via OS Configuration Management in VM Manager) in a given project and zone in the Google Cloud console, as well as by using the API like below:
GET https://osconfig.googleapis.com/v1alpha/projects/PROJECT_ID/locations/ZONE/instanceOSPoliciesCompliances
Is there a way I can view compliance state via Google Cloud Logs Explorer?
If I click on View in the Logs tab above, I am directed to Logs Explorer with the Query framed as:
resource.type="gce_instance"
resource.labels.instance_id="<instance_id>"
labels.os_policy_assignment="projects/<project_id>/locations/<zone>/osPolicyAssignments/<assignment>#<some_alphanumeric_id>"
labels.os_policy_id="<custom-policy-id>"
labels.task_type="APPLY_CONFIG_TASK"
But this does not provide me any information on the Compliance State as shown in the screenshot above.
How can I frame a query to get the Compliance State related logs?
To view the compliance state in Logs, use the following query:
resource.type="gce_instance"
resource.labels.instance_id="<instance_id>"
labels.os_policy_assignment="projects/<project_id>/locations/<zone>/osPolicyAssignments/<assignment>#<some_alphanumeric_id>"
labels.os_policy_id="<custom-policy-id>"
labels.task_type="APPLY_CONFIG_TASK"
jsonPayload.message:"state: COMPLIANT"
We can find the compliant state of the VM in the “jsonPayload.message” field of a log.
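The query above only confirms that a COMPLIANT message exists somewhere in the time range; for monitoring you usually want the most recent state per instance and policy. The following is an added example, not part of the original answer. It assumes the entries were exported as JSON with the fields used in the query, and that states other than COMPLIANT (such as NON_COMPLIANT) appear in the same "state: ..." form in jsonPayload.message; the sample entries and helper names are constructed for illustration.

```python
import re
from datetime import datetime

# Captures the token after "state:"; names other than COMPLIANT are an assumption.
STATE_RE = re.compile(r"state:\s*([A-Z_]+)")

def _entry(ts, instance_id, message):
    # Builds a constructed log entry with only the fields the query relies on.
    return {"timestamp": ts, "resource": {"labels": {"instance_id": instance_id}},
            "labels": {"os_policy_id": "custom-policy", "task_type": "APPLY_CONFIG_TASK"},
            "jsonPayload": {"message": message}}

SAMPLE_ENTRIES = [  # constructed sample data, deliberately out of time order
    _entry("2024-01-10T10:00:00Z", "222", "policy result state: NON_COMPLIANT"),
    _entry("2024-01-10T09:00:00Z", "222", "policy result state: COMPLIANT"),
    _entry("2024-01-10T08:00:00Z", "111", "policy result state: NON_COMPLIANT"),
    _entry("2024-01-10T09:30:00.123456789Z", "111", "policy result state: COMPLIANT"),
    _entry("2024-01-10T09:45:00Z", "111", "Beginning apply config task"),
]

def _ts(s):
    # Drop sub-microsecond digits (datetime cannot hold nanoseconds) and map Z to UTC.
    s = re.sub(r"(\.\d{6})\d+", r"\1", s).replace("Z", "+00:00")
    return datetime.fromisoformat(s)

def latest_states(entries):
    """Return {(instance_id, os_policy_id): state} taken from the newest entry per key."""
    latest = {}
    for e in entries:
        if e.get("labels", {}).get("task_type") != "APPLY_CONFIG_TASK":
            continue
        m = STATE_RE.search(e.get("jsonPayload", {}).get("message", ""))
        if not m:
            continue  # entry carries no state (e.g. a progress message)
        key = (e["resource"]["labels"]["instance_id"], e["labels"]["os_policy_id"])
        ts = _ts(e["timestamp"])
        if key not in latest or ts > latest[key][0]:
            latest[key] = (ts, m.group(1))
    return {k: v[1] for k, v in latest.items()}

def non_compliant(entries):
    """Return sorted keys whose most recent state is anything other than COMPLIANT."""
    states = latest_states(entries)
    return sorted(k for k, s in states.items() if s != "COMPLIANT")
```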

Mapping dependencies/requirements for GCP APIs/services

Does anyone know a way to map the dependencies or requirements of any GCP API?
E.g. enabling container.googleapis.com would automatically enable compute.googleapis.com and others into a same chart/table/text/anything.
The GCP docs don't specify any such dependency for any API (from what I have seen so far). So I'm either looking for a Doc which specifies this, a gcloud command or a completely different tool that can help mapping it.
We don't have any public external documentation around service dependencies for now. Therefore, please open an FR; refer to this link.
Did you open a Feature Request as suggested? If so, can you share the link?
As a faint consolation, you can have a look at this article from which we can tell that the API interdependency information was once available through the serviceusage API.
There you'll find a diagram as of October 2020 (see screenshot below).
One workaround could be to use the Service Usage API. The disable method has a disableDependentServices field which disables all services that depend on the services being disabled.
You could enable a bunch of services in GCP, disable a service, and observe which dependent services are also disabled.
I did end up opening a feature request for this and the fact that I had to do so still boggles the mind.

cloud-builds pub/sub topic appears to be unlisted or inaccessible

I'm attempting to create an integration between Bitbucket Repo and Google Cloud Build to automatically build and test upon pushes to certain branches and report status back (for that lovely green tick mark). I've got the first part working, but the second part (reporting back) has thrown up a bit of a stumbling block.
Per https://cloud.google.com/cloud-build/docs/send-build-notifications, Cloud Build is supposed to automatically publish update messages to a Pub/Sub topic entitled "cloud-builds". However, trying to find it (both through the web interface and via gcloud command line tool) has turned up nothing. Copious amounts of web searching has turned up https://github.com/GoogleCloudPlatform/google-cloud-visualstudio/issues/556, which seems to suggest that the topic referenced in that doc is now being filtered out of results; however, that issue seems to be specific to the visual studio tools and not GCP as a whole. Moreover, https://cloud.google.com/cloud-build/docs/configure-third-party-notifications suggests that it's still accessible, but perhaps only to Cloud Functions? And maybe only manually via the command line, since the web interface for Cloud Functions also does not display this phantom "cloud-builds" topic?
Any guidance as to where I can go from here? Near as I can tell, the two possibilities are that something is utterly borked in my GCP project and the Pub/Sub topic is either not visible just for me or has somehow been deleted, or I'm right and this topic just isn't accessible anymore.
I was stuck with the same issue; after a while I created the cloud-builds topic manually and created a cloud function that subscribed to that topic.
Build details are pushed to the topic as expected after that, and my cloud function gets triggered with new events.
You can check the existence of the cloud-builds topic an alternate way from the UI, by downloading the gcloud command line tool and, after running gcloud init, running gcloud pubsub topics list to list all topics for the configured project. If the topic projects/{your project}/topics/cloud-builds is not listed, I would suggest filing a bug to the cloud build team here.
Creating the cloud-builds topic manually won't work since it's a special topic that Google manages.
In this case, you have to go to the API central and disable the CloudBuild API, and then enable it again; the cloud-builds topic will be created for you. Enable and disable Cloud Build API

Google Cloud Shell Editor not loading the resources

When I open the Google Cloud Shell Code Editor it is not loading the resources and hence I am unable to work. I have attached a screenshot below with a view of the developer tools console. Please help me out. Thanks.
This issue seems to be related to an internal project/billing configuration. Since these kinds of access errors are thrown when the accounts have payment issues, I think that you should first verify that your billing account is in good status; however, if you continue getting these error messages after this validation, I suggest you take a look at the Issue Tracker tool that you can use to raise a Cloud Shell ticket in order to verify this scenario with the Google Technical Support Team.
A couple of things could cause this:
An interfering browser extension. Are you using any browser extensions that could be interfering (e.g., an ad blocker)?
A bug. As @Armin_SC suggested, use Issue Tracker to file an issue in this case.
As a workaround, you might want to try gcloud compute ssh to connect to your instances.

Google Stackdriver Error Reporting blank (not set up)

We are starting to enable Stackdriver for our project, but while I have an Ubuntu instance with Stackdriver logging, and I am getting the logs shipped back (I can see the logs in Stackdriver Logging), when I browse to Error Reporting, it's just a blank screen with a button to "Setup Error Reporting", which takes me to some API documentation which I think is tailored for new application coding. We are running nginx and the logging is working, but I can't for the life of me figure out how to get the Error Reporting to work properly, if that's even doable.
"Setup Error Reporting" should guide you to the setup documentation (not API documentation). Depending on the platform you are using, you might need to perform some changes in your application's code or log format. Read more at https://cloud.google.com/error-reporting/docs/setup/
If you have Stackdriver Logging set up and are on Google Compute Engine, the requirement is for your exception stack traces to be logged in single log entries.