How to enable logs from GCP instances to Google logs exporter?
Sometimes our GCP VM instances reboot without any apparent reason, and I want to view the logs of the VMs using the Google Logs Exporter service. In my GCP project, I have more than 200 instances, but I can see only 30–40 GKE nodes.
I saw logs from the hosts approximately a year ago, but now they have disappeared. No host settings have been changed.
I know it should work without installing any agents by default. If you install an agent, you will just see more information from the host, but it is not necessary.
How can I check if logs are enabled for the VM instances or the entire project?
Solution
I found the problem
The ServiceAccount used with VM does not have permissions to write logs.
These rights were missing:
resource "google_project_iam_member" "backend_machine_monitoring_metric_writer" {
project = var.project
role = "roles/monitoring.metricWriter"
member = "serviceAccount:${google_service_account.backend_machine.email}"
}
resource "google_project_iam_member" "backend_machine_logging_log_writer" {
project = var.project
role = "roles/logging.logWriter"
member = "serviceAccount:${google_service_account.backend_machine.email}"
}
- Google Speech to Text - Not Getting the transcription | SOLVED
- Why does Cloud Deploy not support multiple target types in one pipeline?
- CloudBuild pull status from latest run, from a specific build trigger using via CloudBuild API?
- Querying the Google Patent Data on Big Query processes way too much data
- Deleting a large folder from Google Cloud Storage
- GCP - How do you create a URL Redirect path rule with gcloud url-maps?
- API [sqladmin.googleapis.com] not enabled on project [1234].
- Error uploading file to google cloud storage
- Custom Service Account with KFP pipelines in Vertex AI
- Not able to connect mysql with SSL enforced to app engine without connecting first in cloud shell
- If the GCP pub sub Subscription Expiration is same as Subscription Message Retention will the subscription not expire
- Cloud function is not triggered by pub/sub topic
- Java application unable to find ADC when Workload Identity is enabled on GKE cluster
- Service account with Workspace-authorized domain-wide delegation gets error "Not Authorized to access this resource/api" when running cloud function
- How to download a pushed Odoo release and upload to Github
- GCP authentication when testing a container in the local development environment
- GAE: find project name by project number
- Google Cloud functions v2 eventarc - How to Track User Context for Deletions in Firebase Realtime Database
- Google Cloud Bigtable vs Google Cloud Datastore
- Batch job submission error "Failed to process all documents", uris seem correct?
- 401 Unauthorized when installing Python package from Artifacts registry for Google Build
- Google Cloud Storage request blocked by CORS: not allowed by Access-Control-Allow-Origin
- Accessing users account with service account
- Firestore exception occurred in retry method that was not classified as transient
- Managed Service Provider on Google Cloud Platform
- Stripe Error: No signatures found matching the expected signature for payload
- Error --accelerator unrecognized argument when launching gcloud beta ai-platform versions create API
- invalid_request when calling https://sts.googleapis.com/v1/token API
- How to upload a file to Google Cloud Storage on Python 3?
- How to use Puppeteer in 2nd gen Cloud Functions?