Ensure that your Google Cloud Platform (GCP) load balancing backend services are configured to log HTTP(S) traffic.
HTTP(S) load balancing log entries contain information useful for monitoring and debugging web traffic. Google Cloud exports this logging data to Cloud Monitoring service so that monitoring metrics can be created to evaluate a load balancer's configuration, usage, and performance, troubleshoot problems, and improve resource utilization and user experience.
Audit
To determine if your load balancing backend services are logging HTTP(S) traffic, perform the following operations:
Remediation / Resolution
To enable HTTP(S) logging for your Google Cloud load balancing backend services, perform the following operations:
References
- Google Cloud Platform (GCP) Documentation
- Cloud Load Balancing overview
- HTTP(S) Load Balancing Logging and Monitoring
- GCP Command Line Interface (CLI) Documentation
- gcloud projects list
- gcloud compute url-maps list
- gcloud compute url-maps describe
- gcloud compute backend-services describe
- gcloud compute backend-services update
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
Enable Logging for HTTP(S) Load Balancing Backend Services
Risk level: Medium