Ensure that Virtual Private Cloud (VPC) firewall logging is not configured to include logging metadata in order to reduce the size of the log files and optimize cloud storage costs.
VPC firewall logging allows you to verify, analyze, and audit the effects of your firewall rules on your cloud resources. By default, metadata is added to the firewall rule log files. You can significantly reduce the log file size and cut down on storage costs by not including this additional data.
To determine if logging metadata is included within your VPC firewall log files, perform the following operations:
Remediation / Resolution
To disable adding logging metadata to your Google Cloud VPC network firewall rule logs, perform the following operations:
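One way to run the audit above across a whole project and prepare the matching remediation, as an added example (not Conformity's own procedure). It assumes the rules were exported with `gcloud compute firewall-rules list --format=json`; the rule names in the sample are constructed, and the helper function names are hypothetical.

```python
import json
import shlex

# Constructed sample of `gcloud compute firewall-rules list --format=json`
# output (rule names are made up); in practice, load the real export instead.
SAMPLE = json.loads("""
[
  {"name": "allow-ssh-iap",
   "logConfig": {"enable": true, "metadata": "INCLUDE_ALL_METADATA"}},
  {"name": "allow-internal",
   "logConfig": {"enable": true, "metadata": "EXCLUDE_ALL_METADATA"}},
  {"name": "allow-health-checks", "logConfig": {"enable": true}},
  {"name": "deny-egress-default", "logConfig": {"enable": false}},
  {"name": "legacy-rule"}
]
""")


def rules_logging_metadata(rules):
    """Return the names of rules whose log entries include metadata.

    Only rules with logging enabled are considered. A missing `metadata`
    value is treated as included, because inclusion is the default
    (assumption about how an unset field should be read).
    """
    flagged = []
    for rule in rules:
        log_config = rule.get("logConfig") or {}
        if not log_config.get("enable", False):
            continue  # logging is off, so there are no log entries to trim
        metadata = log_config.get("metadata", "INCLUDE_ALL_METADATA")
        if metadata != "EXCLUDE_ALL_METADATA":
            flagged.append(rule["name"])
    return flagged


def remediation_commands(rule_names):
    """Build one gcloud update command per flagged rule, for review."""
    return [
        "gcloud compute firewall-rules update "
        f"{shlex.quote(name)} --logging-metadata=exclude-all"
        for name in rule_names
    ]


if __name__ == "__main__":
    for command in remediation_commands(rules_logging_metadata(SAMPLE)):
        print(command)
```

Excluding metadata leaves less context in each log entry, so confirm with whoever consumes these logs for detection or investigation before running the generated commands.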
You are auditing:
Exclude Metadata from Firewall Logging
Risk level: Medium