Connect to Google Cloud Platform: Guided setup and other options ๐
You can connect your GCP account and send data to Splunk Observability Cloud with the following methods:
Note
Before you connect, make sure to read GCP authentication, permissions and supported regions.
Connect to GCP using the guided setup ๐
Follow these steps to connect to GCP:
1. Define a role for your GCP service account ๐
Use GCPโs Viewer role as it comes with the permissions you need for most scenarios.
To customize the permissions for your role refer to GCP role permissions.
2. Configure GCP ๐
To configure your GCP service:
Log into your GCP account and select the project you want to monitor in the GCP web console.
From the sidebar, select
, then .Go to Create Service Account at the top of the screen, complete the following fields, and select CREATE.
Service account name. Enter
Splunk
.Service account ID. This field autofills after you enter
Splunk
for Service account name.Service account description. Enter the description for your service account.
(Optional) Select a role to grant this Service account access to the selected project, then select CONTINUE.
Activate Key type JSON, and select CREATE. A new service account key JSON file is then downloaded to your computer. You will need this key to authenticate in Splunk Observability Cloud.
In a new window or tab, go to Cloud Resource Manager API , and activate the Cloud Resource Manager API. You need to activate this API so Splunk Observability Cloud can use it to validate permissions on the service account keys.
Note
To monitor multiple GCP projects, repeat the steps described in this section for each one of the projects.
3. Connect to Splunk Observability Cloud and start the integration ๐
By default, Splunk Observability Cloud monitors all supported services, and any new services added later are also monitored. When you set integration parameters, you can choose to import metrics from a subset of the available services.
Log in to Splunk Observability Cloud and open the Google Cloud Platform guided setup . Optionally, you can navigate to the guided setup on your own:
In the left navigation menu, select
.Go to the Available integrations tab, or select Add Integration in the Deployed integrations tab.
In the integration filter menu, select By Use Case, and select the Monitor Infrastructure use case.
In the Cloud Integrations section, select the Google Cloud Platform tile to open the Google Cloud Platform guided setup.
Complete the following fields:
Name. Type in the name of the GCP integration.
Project. Select Add Project, next select Import Service Account Key and import one or more of the JSON key files that you downloaded from GCP in Configure GCP.
Services. By default the new integration syncs with all supported GCP services. Select All services > Sync only selected services to select specific services to sync with.
Poll rate. Select the rate (in seconds) at which you want Splunk Observability Cloud to poll GCP for metric data, with 1 minute as the minimum unit, and 10 minutes as the maximum unit. For example, a value of 300 polls metrics once every 5 minutes.
Specify data to import: Metadata and/or metrics.
Specify if you want to use quota from the project where metrics are stored. See Use a single principal for your resources for more information.
Optional fields:
Custom Metric Type Domains. To list any additional GCP service domain names that you want to monitor, use commas to separate domain names in the Custom Metric Type Domains field. For example, to obtain Apigee metrics, add
apigee.googleapis.com
.
For information on the available GCP metric domains refer to the official GCP docs at Google Cloud metrics .
To learn about custom metric type domain syntax, see Custom metric type domain examples in the Splunk developer documentation.
Compute Metadata Included List. If you select Compute Engine as one of the services to monitor, you can enter a comma-separated list of Compute Engine Instance metadata keys to send as properties. These metadata keys are sent as properties named
gcp_metadata_<metadata-key>
.
Your GCP integration is now complete.
Note
Splunk is not responsible for data availability, and it can take up to several minutes (or longer, depending on your configuration) from the time you connect until you start seeing valid data from your account.
Use a single principal for your resources ๐
In IAM you can grant access to your resources to one or more entities called principals, regardless of the authentication method (single Service Account or Workload Identity Federation).
If youโre using a single principal for multiple projects, GCP tracks all API usage quota in the project where the principal originates from, which can result in throttling in your integration. To mitigate this, select Use quota from the project where metrics are stored. To use this option the principal provided for the project needs either the serviceusage.services.use
permission or the Service Usage Consumer role.
For a more detailed description see Principals in GCPโs docs.
Alternatives to connect to GCP ๐
Integrate GCP using the API ๐
You can also integrate GCP with Splunk Observability Cloud using the GCP API.
See Integrate Google Cloud Platform Monitoring with Splunk Observability Cloud in our developer portal for details.
Connect to GCP using Terraform ๐
To connect using Terraform, see Connect your cloud services using Splunk Terraform.
Next steps ๐
To validate your setup, examine the details of your GCP integration as displayed in the list at the end of the setup page.
For details about the metrics provided by an GCP integration, see Google Cloud Monitoring metrics and metadata
To send logs from GCP to Splunk Observability Cloud, follow the instructions in Send GCP logs to Splunk Platform
Learn about Splunk Observability Cloudโs GCP Infrastructure Monitoring options
To learn more about Splunk Observability Cloudโs data model, refer to Data types in Splunk Observability Cloud