This article provide more information on how to resolve alerts for the Logs retained for 365 days (GCP) test.

How to Fix:

• First, determine where you will store your logs. To use a Cloud Storage bucket associated with your project, go to the cloud storage console, and create a new storage bucket or select an existing one. Ensure that retention is set for 365 days:

• Visit the Google Cloud Logging console.
• Click Log Router from the left-hand menu:
  
• Click Create Sink:

• Provide a Sink name and optionally provide a description.
• Under Sink destination, select Cloud Storage bucket for the sink service, and select the storage bucket created in step 1 as the sink destination.

• Optionally filter in or out any logs. By default, all logs will be included if these options are not edited.
• Click Create Sink.

Common Reasons For Failure:

• The logging buckets used for storage are not in scope on the integrations page. Vanta checks these buckets directly so they need to be in scope here.
• Ensure that the logging API (logging.googleapis.com) and storage API (storage-api.googleapis.com) are enabled in the projects where these resources exist.

Reading the test data:

• The test data (downloaded from the "export test data" option from the top right menu in the test) will first list the GCP projects that we see, as well as the log sinks:

You will want to ensure that you see a Log Sink for each correlated project for this test to pass. In the example above, the "test-project" will pass and then "awesome-application" project will fail since there is no associated Log Sink.

What Vanta is checking:

• Vanta first checks that a bucket is a destination for logs, and then checks it has a retention of 365 days or more.