Edge Delta Google Cloud Storage Output

Archive data in Google Cloud Storage.

  4 minute read  

Version 2 is no longer supported. This section is for historical reference only.

See the latest version here.

Overview

This output type sends logs to a GCS endpoint.

Prerequisites

Before you can create an output, you must have obtain a GCS HMAC access key for a service account. Specifically, you must obtain a key for a service account that contains the Storage Admin HMAC role.

Step 1: Create a Service Account

  1. In the Google Cloud Console, expand the navigation pane.
  2. Hover overIAM & Admin, and then click Service Accounts.
  3. Click Create Service Account.
  4. Under Service account details, complete the empty fields, and then click Create and Continue.Copy the name for this service account. You will need this information for a later step.
  5. Under Grant this service account access to project, in the drop-down menu, use the search filter to locate and select Storage HMAC Key Admin, and then click Continue.
  6. Click Done.

Step 2: Create a GCS HMAC Key

  1. In the Google Cloud Console, expand the navigation pane.
  2. Under Storage, locate and hover over Cloud Storage, and then click Settings.
  3. Under Settings, click Interoperability.
  4. Click Create a Key for a Service Account.
  5. In the window that appears, mark the newly created service account, and then click Create Key.
  6. In the window that appears, copy and store the Access Key and Secret key, and then click Close.
  7. On the navigation pane, click Buckets.
  8. Locate and select the desired bucket.
  9. Click Permissions.
  10. In the table that appears, click Grant Access.
  11. In the window that appears, under Add principals, enter the name of the newly created service account.
  12. In Select role, use the search filter to locate and select Storage Admin.
  13. Click Save.

To learn how to manage keys, review this document from Google.

Example

  - name: my-gcs
      type: gcs
      hmac_access_key: my_hmac_access_key_123
      hmac_secret: my_hmac_secret_123
      bucket: ed-test-bucket

Parameters

name

Required

Enter a descriptive name for the output or integration.

For outputs, this name will be used to map this destination to a workflow.

name: my-gcs

integration_name

Optional

This parameter refers to the organization-level integration created in the Integrations page.

If you need to add multiple instances of the same integration into the config, then you can add a custom name to each instance via the name parameter. In this situation, the name should be used to refer to the specific instance of the destination in the workflows.

integration_name: gcs-org

type: gcs

Required

Enter gcs.

type: gcs

bucket

Required

Enter the target GCS bucket to send the archived logs.

bucket: ed-test-bucket

hmac_access_key

Required

Enter the GCS HMAC Access key that has permissions to upload files to specified bucket.

hmac_access_key: my_hmac_access_key_123

hmac_secret

Required

Enter the GCS HMAC secret associated with the access key specified.

hmac_secret: my_hmac_secret_123

compression

Optional

Enter a compression type for archiving purposes.

You can enter gzip, zstd, snappy, or uncompressed.

compression: gzip

encoding

Optional

Enter an encoding type for archiving purposes.

You can enter json or parquet.

encoding: parquet

use_native_compression

Optional

Enter true or false to compress parquet-encoded data. This option will not compress metadata.

This option can be useful with big data cloud applications, such as AWS Athena and Google BigQuery.

To use this parameter, you must set the encoding parameter to parquet.

use_native_compression: true

buffer_ttl

Optional

Enter a length of time to retry failed streaming data.

After this length of time is reached, the failed streaming data will no longer be tried.

buffer_ttl: 2h

buffer_path

Optional

Enter a folder path to temporarily store failed streaming data.

The failed streaming data will be retried until the data reaches its destinations or until the Buffer TTL value is reached.

If you enter a path that does not exist, then the agent will create directories, as needed.

buffer_path: /var/log/edgedelta/pushbuffer/

buffer_max_bytesize

Optional

Enter the maximum size of failed streaming data that you want to retry.

If the failed streaming data is larger than this size, then the failed streaming data will not be retried.

buffer_max_bytesize: 100MB