Google Cloud's Virtual Private Cloud (VPC) Flow Logs can be sent to New Relic. With VPC flow logs from across your GCP estates, you can quickly gain key insights for performance analytics and for troubleshooting network connectivity.
Google Virtual Private Cloud (VPC) enables you to launch GCP resources into an isolated and secure virtual network with the benefits of using scalable GCP infrastructure.
- A New Relic account. Don't have one? Sign up for free! No credit card required.
Google VPC Flow Logs isn't supported for FedRAMP customers yet. In the meantime, you can use our FedRAMP ingest APIs.
- The ability to create a Pub/Sub topic and set its permissions.
- The ability to create and update a Log Router.
- The ability to create a Dataflow job.
To send Google VPC flow logs to New Relic, follow these steps:
Start the guided install process.
From the Select an account dropdown, choose the New Relic account you want to send Google VPC Flow Logs to, and click Continue.
In the Choose Setup Options section:
- In the Setup Method, you can choose to use the GCloud CLI or Terraform to create resources in your account. Terraform may be easier if you already use it in your Google environment.
- Enter the GCP project ID that you want to ingest flow logs from.
- In the Region dropdown, choose a GCP region. This region will be used when setting up regional resources.
Enable Flow Logging - Turn on flow logging for a subnet. You have to turn on flow logging for each subnet that you want to collect flow logs from. You can change this setting via the CLI, the Cloud Console, or any other cloud configuration tool your team uses.
When setting up flow logging, you may want to adjust sampling rate and aggregation interval. A higher sampling rate or a lower aggregation interval will produce more granular data but will have a higher data ingestion cost.
Define Logging Sink - Set up a log router in Google Cloud Platform (GCP). The log router allows you to choose which flow logs get sent to New Relic. You can send flow logs for a single subnet, multiple subnets, an entire VPC, and more.
If you chose GCloud CLI as a setup method:
- Create Pub/Sub resources - Run the generated commands in the GCloud CLI to create a Pub/Sub topic and subscription.
- Create Logging Sink - Run the generated command in the GCloud CLI to create your Log Router.
- Set up Pub/Sub permissions - Run the generated command to get the writer identity associated with your Log Router. Copy the result of the command and paste it into the next textbox. Then, run the next two commands to modify your Pub/Sub topic's permissions to allow access from the Log Router.
- Create Dataflow job - Run the generated command to create a Dataflow job, which gathers multiple flows together and sends them to New Relic in large batches. This helps save you money and avoid rate limits.
We automatically generate a new key to be used for this data ingest. To regenerate a key, click Generate and use a new key.
If you chose Terraform as a setup method:
- Run Terraform template - Deploy the provided Terraform template in your GCP project to create all of the resources necessary for sending VPC Flow Logs to New Relic.
If you've already started sending Google VPC flow logs to New Relic from some of your subnets, but you want to send more or fewer VPC flow logs:
- Make sure any new subnets have flow logging enabled in Google Cloud Platform (GCP).
- Update the Log Router you created when you defined Logging Sink, so that its filter condition captures the new set of VPC Flow Logs that you want to send to New Relic.
Tip: In the guided install process, you can find some examples of what filter conditions might look like. If your environment is complex, you might need to adjust these conditions as necessary.
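One way to build and apply a filter condition for an explicit set of subnets, as an added example that is not the command generated by the guided install. The sink name and subnet names are placeholders, and the filter uses standard Cloud Logging fields for VPC flow logs rather than the guide's own filter text.

```shell
#!/bin/sh
# Added example: build a Log Router filter that matches VPC Flow Logs only for
# the subnets you name, then (optionally) apply it to an existing sink.
# SINK_NAME and the subnet names are placeholders, not values from the guide.
LC_ALL=C   # make the a-z ranges below mean ASCII lowercase only

# Accept only names that follow GCE resource naming rules. Rejecting anything
# else keeps quotes or operators from widening the filter expression.
valid_subnet_name() {
  case "$1" in
    ''|*[!a-z0-9-]*|[!a-z]*|*-) return 1 ;;
  esac
  [ "${#1}" -le 63 ]
}

# Print a Logging filter for the given subnets; fail if none or any is invalid.
build_flow_log_filter() {
  [ "$#" -gt 0 ] || { echo "at least one subnet is required" >&2; return 1; }
  _names=""
  for _s in "$@"; do
    valid_subnet_name "$_s" || { echo "invalid subnet name: $_s" >&2; return 1; }
    _names="${_names:+$_names OR }\"$_s\""
  done
  printf 'resource.type="gce_subnetwork" AND log_id("compute.googleapis.com/vpc_flows") AND resource.labels.subnetwork_name=(%s)' "$_names"
}

# Replace the filter on an existing Log Router sink.
# Needs an authenticated gcloud CLI, so it only runs when APPLY=1 is set.
update_sink_filter() {
  _sink="$1"; shift
  _filter="$(build_flow_log_filter "$@")" || return 1
  gcloud logging sinks update "$_sink" --log-filter="$_filter"
}

# Usage: APPLY=1 SINK_NAME=<your-sink> sh this-script.sh subnet-a subnet-b
if [ "${APPLY:-0}" = "1" ]; then
  update_sink_filter "${SINK_NAME:?set SINK_NAME}" "$@"
fi
```

Without `APPLY=1` the script changes nothing, so you can call `build_flow_log_filter` and review the filter before updating the sink.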