Intrusion detection system notifications configured (GCP) Test

Luis Alonzo Conversation starter

Hello, we are working towards remediation of enabling notifications (alerts) for the Intrusion Detection System in GCP. We already created the alerts on the projects that were required, but the test still does not pass. So we don't know what else is needed, and the instructions are not clear regarding whether the alerts should have a certain name or text on them so the Test validation passes.

Thanks for the help!

Luis

Comments


  • Jake Samuels (Vanta Expert, Vanta Team Member)

    Hi Luis!

    There are no required naming conventions but there are a few other things we can check!

    Can you confirm that the metric selected for the alerting policy is the one you created with the following filter?

    Can you also confirm there are no additional filters added to the alerting policy? If so, please remove them and refresh the test:

    You will also want to confirm that the notification channel is enabled for the policy:

    Screenshots similar to the above would be helpful for troubleshooting if there are still issues!

    Jake

  • Luis Alonzo (Conversation starter)

    This worked. The issue actually was in the filter definition: we were using ":" (has) instead of "=" (equal) as the comparison operator. For this particular filter both worked, but for the Vanta Test, the equality operator was expected in the filter definition. Thanks for the help, Jake!

    Regards,

    Luis

  • Matthias Stierle || DataLane BV

    Is it absolutely necessary to use a metric, or can we directly configure the log filters in the alert policy?

    In general, it is quite hard to understand what exactly Vanta is checking for the tests to succeed...
