Triggering Cloud Functions with Stackdriver Log Sinks

Hands-On Lab

 

Photo of Joseph Lowery

Joseph Lowery

Google Cloud Training Architect II in Content

Length

00:30:00

Difficulty

Beginner

There are a great many reasons why you might want to export your logs, including long-term storage and analysis. You might also want to take direct action with another Google Cloud service. While Stackdriver offers a good number of notification options, like email and SMS, there’s no direct option for initiating a programmatic response. In this hands-on lab, we’ll learn how to incorporate a Cloud Function through a second-party trigger by setting our Stackdriver log sink to export to a specific Cloud Pub/Sub topic.

What are Hands-On Labs?

Hands-On Labs are scenario-based learning environments where learners can practice without consequences. Don't compromise a system or waste money on expensive downloads. Practice real-world skills without the real-world risk, no assembly required.

Triggering Cloud Functions with Stackdriver Log Sinks

Introduction

There are a great many reasons why you might want to export your logs, including long-term storage and analysis. You might also want to take direct action with another Google Cloud service. While Stackdriver offers a good number of notification options, like email and SMS, there’s no direct option for initiating a programmatic response. In this hands-on lab, we’ll learn how to incorporate a Cloud Function through a second-party trigger by setting our Stackdriver log sink to export to a specific Cloud Pub/Sub topic.

Logging In to the Environment

  1. On the lab instructions page, right-click the Open GPC Console button.
  2. From the dropdown, select the option to open the link in a private browser window. (Note: Different browsers have different names for a private browser window. On Chrome, you'll choose Open Link in Incognito Window. If you're using Firefox, click Open Link in New Private Window. Etc.)
  3. On the Google sign-in page, enter the unique username you were provided on the lab instructions page. Click Next.
  4. Enter the unique password you were provided on the lab instructions page. Click Next.
  5. On the Welcome to your new account page, click Accept.
  6. In the Welcome L.A.! menu, check the box under Terms of service.
  7. Choose your country of residence, then click AGREE AND CONTINUE.

Create a Pub/Sub Topic

  1. From the Google Cloud Platform dashboard, click the main navigation menu at the top left of the page.
  2. In the dropdown, select Pub/Sub > Topics.
  3. Click Create a topic.
  4. In the Create a topic dialog, type "la-sink-export" for the topic name.
  5. Click CREATE.

Establish a Stackdriver Log Sink

  1. Click the main navigation menu at the top left of the page.
  2. From the dropdown, select Logging > Exports.
  3. Click CREATE EXPORT.
  4. Expand the Audited Resource field, and select GCE Firewall Rule from the dropdown.
  5. In the Edit Export panel on the right side of the screen, configure the following settings:
    • Sink Name: la-firewall-sink
    • Sink Service: Cloud Pub/Sub
    • Sink Destination: la-sink-export
  6. Click Create Sink, and close out of the success message.

Retrieve the Necessary Files

  1. Click the main navigation menu at the top left of the page.
  2. From the dropdown, select Cloud Functions.
  3. Click the Cloud Shell icon at the top right of the page.
  4. Click START CLOUD SHELL.
  5. Run the following command to clone the GitHub repository:
    git clone https://github.com/linuxacademy/content-gcpro-security-engineer
  6. Click the pencil icon at the top right of the Cloud Shell window to launch the code editor.
  7. In the left navigation panel, select stackdriver-cf-lab folder > main.py, and review the contents.
  8. In the left navigation panel, select requirements.txt, and review the contents.

Create a Cloud Function

  1. Go back to the Cloud Functions dashboard.
  2. Click Create function.
  3. Apply the following settings:
    • Name: la-sink-trigger
    • Memory allocated: 256 MB
    • Trigger: Cloud Pub/Sub
    • Topic: la-sink-export
    • Source code: Inline editor
    • Runtime: Python 3.7
  4. In the Cloud Shell code editor, select all of the code in main.py, and copy it to your clipboard.
  5. Go back to the Cloud Functions dashboard.
  6. In the main.py field, select all of the default code and delete it.
  7. Paste in the code we copied from main.py.
  8. Click requirements.txt.
  9. Select all of the default code and delete it.
  10. Go back to the Cloud Shell code editor.
  11. Open requirements.txt, and copy the contents to your clipboard.
  12. Go back to the Cloud Functions dashboard.
  13. In the requirements.txt field, paste the code we copied from requirements.txt.
  14. Click OK.
  15. In the Function to execute field, type "respond_log_entry".
  16. Click Create.

Alter a Firewall Rule

  1. Click the main navigation menu at the top left of the page.
  2. From the dropdown, select VPC network > Firewall rules.
  3. Review the non-default firewall rules.
  4. Select ssh-network-2, and click EDIT.
  5. Scroll down the page, and expand Disable rule.
  6. Under Enforcement, select the Disabled option.
  7. Click Save.
  8. Click the main navigation menu at the top left of the page.
  9. From the dropdown, select Logging > Log Viewer.
  10. Click the main navigation menu at the top left of the page.
  11. From the dropdown, select Cloud Functions.
  12. Select the la-sink-trigger function.
  13. Click VIEW LOGS.
  14. Expand and review the entry that contains Initiator.

Conclusion

Congratulations, you've successfully completed this hands-on lab!