SQL database monitored (GCP) Test
Having trouble getting the GCP monitoring related tests to pass.
- SQL database CPU monitored (GCP)
- SQL database memory utilization monitored (GCP)
- SQL database I/O monitored (GCP)
- SQL database free storage space monitored (GCP)
- Intrusion detection system notifications configured (GCP)
I have created alert policies, but am not able to get them to satisfy the test. I have attached the JSON spec of the policy below. Having the exact conditions the test is matching on would be helpful, the How to fix is not very informative. I think "alarms" is the AWS term should be "alert policy" for GCP.
SQL CPU (using metadata.system_labels.name)
{
"name": "projects/PROJECT/alertPolicies/ID",
"displayName": "db-DB_NAME-cpu",
"documentation": {},
"userLabels": {},
"enabled": true,
"combiner": "OR",
"conditions": [
{
"name": "projects/PROJECT/alertPolicies/ID/conditions/ID",
"displayName": "Cloud SQL Database - CPU utilization",
"conditionThreshold": {
"aggregations": [
{
"alignmentPeriod": "60s",
"perSeriesAligner": "ALIGN_MAX"
}
],
"comparison": "COMPARISON_GT",
"duration": "0s",
"filter": "resource.type = \"cloudsql_database\" AND metadata.system_labels.name = \"DB_NAME\" AND metric.type = \"cloudsql.googleapis.com/database/cpu/utilization\"",
"thresholdValue": 0.8,
"trigger": {
"count": 1
}
}
}
],
"alertStrategy": {},
"notificationChannels": [
"projects/PROJECT/notificationChannels/ID"
]
}
SQL Memory (using resource.labels.database_id)
{
"name": "projects/PROJECT/alertPolicies/ID",
"displayName": "db-DB_NAME-memory",
"documentation": {},
"userLabels": {},
"enabled": true,
"combiner": "OR",
"conditions": [
{
"name": "projects/PROJECT/alertPolicies/ID/conditions/ID",
"displayName": "Cloud SQL Database - Memory utilization",
"conditionThreshold": {
"aggregations": [
{
"alignmentPeriod": "60s",
"perSeriesAligner": "ALIGN_MAX"
}
],
"comparison": "COMPARISON_GT",
"duration": "0s",
"filter": "resource.type = \"cloudsql_database\" AND resource.labels.database_id = \"PROJECT:DB_NAME\" AND metric.type = \"cloudsql.googleapis.com/database/memory/utilization\"",
"thresholdValue": 0.8,
"trigger": {
"count": 1
}
}
}
],
"alertStrategy": {},
"notificationChannels": [
"projects/PROJECT/notificationChannels/ID"
]
}
Intrusion detection system notifications configured (GCP)
{
"name": "projects/PROJECT/alertPolicies/ID",
"displayName": "ids-threat-high",
"documentation": {},
"userLabels": {},
"conditions": [
{
"name": "projects/PROJECT/alertPolicies/ID/conditions/ID",
"displayName": "IDS Threat",
"conditionThreshold": {
"aggregations": [
{
"alignmentPeriod": "60s",
"crossSeriesReducer": "REDUCE_SUM",
"perSeriesAligner": "ALIGN_COUNT"
}
],
"comparison": "COMPARISON_GT",
"duration": "0s",
"filter": "resource.type = \"ids.googleapis.com/Endpoint\" AND metric.type = \"logging.googleapis.com/user/ids/threat-high\"",
"trigger": {
"count": 1
}
}
}
],
"alertStrategy": {},
"combiner": "OR",
"enabled": true,
"notificationChannels": [
"projects/PROJECT/notificationChannels/ID"
]
}
with logging.googleapis.com/user/ids/threat-high
Type: Counter
Log scope: Project logs
Units: 1
Filter:
logName="projects/badge-main/logs/ids.googleapis.com%2Fthreat"
AND resource.type="ids.googleapis.com/Endpoint"
AND jsonPayload.alert_severity=("HIGH" OR "CRITICAL")
Comments
2 comments
I seem to be having a similar issue, were you able to get a response from the support team?
I reached out to the support team and they were able to get it sorted out. There are some debugging interfaces they provided access to.
Please sign in to leave a comment.