Google Cloud Storage Archiving Output and Integration

George Alpizar
George Alpizar
  • Updated

Overview

This output type sends logs to a GCS endpoint.

Note

In the Edge Delta App, when you create an integration or an individual output, similar parameters will display. As a result, this document applies to both outputs and integrations.

Before you begin

Before you can create an output, you must have obtain a GCS HMAC access key for a service account. Specifically, you must obtain a key for a service account that contains the Storage Admin HMAC role.

Step 1: Create a Service Account

  1. In the Google Cloud Console, expand the left-side navigation.  
  2. Hover over IAM & Admin, and then click Service Accounts
  3. In the top bar, click Create Service Account.
  4. Under Service account details, complete the empty fields, and then click Create and Continue
    • Copy the name for this service account. You will need this information for a later step. 
  5. Under Grant this service account access to project, in the drop-down menu, use the search filter to locate and select Storage HMAC Key Admin, and then click Continue
  6. Click Done

Step 2: Create a GCS HMAC Key

  1. In the Google Cloud Console, expand the left-side navigation. 
  2. Under Storage, locate and hover over Cloud Storage, and then click Settings
  3. Under Settings, click Interoperability
  4. Click Create a Key for a Service Account
  5. In the window that appears, mark the newly created service account, and then click Create Key
  6. In the window that appears, copy and store the Access Key and Secret key, and then click Close.
  7. On the left-side navigation, click Browser
  8. Locate and select the desired bucket. 
  9. Click Permissions
  10. In the table that appears, click Add.
  11. In the right-side window that appears, in New principals, enter the name of the newly created service account. 
  12. In Select role, use the search filter to locate and select Storage Admin.
  13. Click Save.

To learn how to manage keys, review this document from Google.


Review Sample Configuration

The following sample configuration displays an output without the name of the organization-level integration:

    - name: my-gcs
      type: gcs
      hmac_access_key: my_hmac_access_key_123
      hmac_secret: my_hmac_secret_123
      bucket: ed-test-bucket

Review Parameters

Review the following parameters that you can configure in the Edge Delta App.


name

Required

Enter a descriptive name for the output or integration.

For outputs, this name will be used to map this destination to a workflow.

Review the following example: 

name: my-gcs

integration_name

Optional

This parameter refers to the organization-level integration created in the Integrations page. 

If you need to add multiple instances of the same integration into the config, then you can add a custom name to each instance via the name parameter. In this situation, the name should be used to refer to the specific instance of the destination in the workflows.

Review the following example: 

integration_name: gcs-org

type

Required

Enter gcs.

Review the following example: 

type: gcs

bucket

Required

Enter the target GCS bucket to send the archived logs.

Review the following example: 

bucket: ed-test-bucket

hmac_access_key

Required

Enter the GCS HMAC Access key that has permissions to upload files to specified bucket.

Review the following example: 

hmac_access_key: my_hmac_access_key_123

hmac_secret

Required

Enter the GCS HMAC secret associated with the access key specified.

Review the following example: 

hmac_secret: my_hmac_secret_123

compress

Optional

Enter a compression type for archiving purposes. 

You can enter gzip, zstd, snappy, or uncompressed

Review the following example: 

compress: gzip

encoding

Optional

Enter an encoding type for archiving purposes. 

You can enter json or parquet

Review the following example: 

encoding: parquet 

use_native_compression

Optional

Enter true or false to compress parquet-encoded data.

This option will not compress metadata. 

This option can be useful with big data cloud applications, such as AWS Athena and Google BigQuery.

Note

To use this parameter, you must set the encoding parameter to parquet

Review the following example: 

use_native_compression: true

buffer_ttl

Optional

Enter a length of time to retry failed streaming data.

After this length of time is reached, the failed streaming data will no longer be tried.

Review the following example: 

buffer_ttl: 2h

buffer_path

Optional

Enter a folder path to temporarily store failed streaming data.

The failed streaming data will be retried until the data reaches its destinations or until the Buffer TTL value is reached.

If you enter a path that does not exist, then the agent will create directories, as needed.

Review the following example:

buffer_path: /var/log/edgedelta/pushbuffer/

buffer_max_bytesize

Optional

Enter the maximum size of failed streaming data that you want to retry.

If the failed streaming data is larger than this size, then the failed streaming data will not be retried.

Review the following example:

buffer_max_bytesize: 100MB

 


 

Share this document