Enable Logging for HTTP(S) Load Balancing Backend Services

01 Sign in to Google Cloud Management Console.

02 Select the GCP project that you want to examine from the console top navigation bar.

03 Navigate to Cloud Load Balancing dashboard at https://console.cloud.google.com/net-services/loadbalancing.

04 On the Load balancing page, select Load balancers to access the list with the Google Cloud load balancers created for the selected project.

05 Click on the name of the HTTP(S) load balancer that you want to examine, select the Details tab, and check the Logging configuration attribute value set for the backend service listed in the Backend section. If the Logging attribute value is set to disabled, the HTTP(S) logging is not enabled for the backend service associated with the selected Google Cloud load balancer.

06 Repeat steps no. 5 for each GCP load balancer created for the selected project.

07 Repeat steps no. 2 – 6 for each GCP project deployed in your Google Cloud account.

01 Run projects list command (Windows/macOS/Linux) using custom query filters to list the IDs of all the Google Cloud Platform (GCP) projects available in your Google Cloud account:

gcloud projects list
    --format="table(projectId)"

02 The command output should return the requested GCP project identifiers (IDs):

PROJECT_ID
cc-project5-stack-123123
cc-bigdata-project-112233

03 Run compute url-maps list command (Windows/macOS/Linux) using the ID of the GCP project that you want to examine as identifier parameter and custom query filters to describe the name of each load balancer (identified by an URL map) created for the selected project:

gcloud compute url-maps list
    --project cc-project5-stack-123123
    --format="table(name)"

04 The command output should return the name(s) of the existing load balancer(s):

NAME
cc-project5-web-load-balancer
cc-project5-int-load-balancer

05 Run compute url-maps describe command (Windows/macOS/Linux) using the name of the GCP load balancer that you want to examine as identifier parameter and custom query filters to describe the resource URL of the backend service associated with the selected load balancer:

gcloud compute url-maps describe cc-project5-web-load-balancer
    --format="value(defaultService)"

06 The command output should return the requested resource URL:

https://www.googleapis.com/compute/v1/projects/cc-project5-stack-123123/global/backendServices/cc-project5-web-backend-service

07 Run compute backend-services describe command (Windows/macOS/Linux) using the URL of the associated backend service that you want to examine as identifier parameter and custom output filtering to describe the logging configuration status available for the selected resource:

gcloud compute backend-services describe https://www.googleapis.com/compute/v1/projects/cc-project5-stack-123123/global/backendServices/cc-project5-web-backend-service
    --format="value(logConfig.enable)"

08 The command output should return the backend service logging configuration status:

False

09 Repeat steps no. 5 – 8 to perform the audit process for other load balancers created within the selected project.

10 Repeat steps no. 3 – 9 for each GCP project deployed in your Google Cloud account.

01 Sign in to Google Cloud Management Console.

02 Select the GCP project that you want to access from the console top navigation bar.

03 Navigate to Cloud Load Balancing dashboard at https://console.cloud.google.com/net-services/loadbalancing.

04 On the Load balancing page, select Load balancers to access the list with the Google Cloud load balancers created for the selected project.

05 Choose the HTTP(S) load balancer that you want to reconfigure (see Audit section part I to identify the right resource), click on the 3-dot button to access the options menu, then select Edit.

06 On the Edit HTTP(S) load balancer page, select Backend configuration tab, and click on the Edit button (pencil icon) available next to the associated backend service, to enter the resource edit mode.

07 On the Edit backend service configuration panel, under Logging, select Enable logging checkbox and set the Sample rate fraction to a value between 0.0 and 1.0 (default). Note that enabling logging but setting the Sample rate to 0.0 is equivalent to disabling logging. For example, to cut the number of stored logs to 20%, set the value to 0.2. Click Update to apply the configuration changes.

08 On the Edit HTTP(S) load balancer page, click Update to save the changes and enable HTTP(S) logging for the selected Google Cloud load balancer.

09 Repeat steps no. 5 – 8 to enable logging for other load balancers created for the selected project.

10 Repeat steps no. 2 – 9 for each GCP project available within your Google Cloud account.

01 Run compute backend-services update command (Windows/macOS/Linux) using the URL of the backend service that you want to reconfigure as identifier parameter, to enable HTTP(S) logging for the load balancer associated with the selected backend service. --logging-sample-rate parameter lets you configure the logging sampling rate as a value from 0.0 through 1.0, where 0.0 means no packets are logged and 1.0 means 100% of packets are logged. Note that enabling logging but setting the sample rate to 0.0 is equivalent to disabling logging:

gcloud compute backend-services update https://www.googleapis.com/compute/v1/projects/cc-project5-stack-123123/global/backendServices/cc-project5-web-backend-service
    --enable-logging
    --logging-sample-rate=1.0

02 The command output should return the URL of the reconfigured backend service:

Updated [https://www.googleapis.com/compute/v1/projects/cc-project5-stack-123123/global/backendServices/cc-project5-web-backend-service].

03 Repeat step no. 1 and 2 to enable logging for other load balancers available within the selected project.

04 Repeat steps no. 1 – 3 for each GCP project deployed in your Google Cloud account.