Logs and metrics

This page explains how Certificate Manager logs various types of information about its operation and how to view that information.

Logs

To view Certificate Manager logs, use the Logs Explorer in the Cloud console.

Certificate Manager uses Cloud Logging to capture and store logs. Certificate Manager logging is always enabled and only captures a minimal amount of information specifically related to certificate expiration. The Certificate Manager resource type is certificatemanager.googleapis.com/Project.

You can also capture and retrieve Certificate Manager logs using Cloud Logging. See the documentation for Cloud Logging client libraries for information on how to configure this logging mechanism.

Metrics

This section lists the metrics supported by Certificate Manager. To view Certificate Manager metrics, use the Metrics Explorer in the Cloud console.

Standard metrics

Certificate Manager writes the following standard Cloud Monitoring API metrics:

Metric Description
serviceruntime.googleapis.com/api/request_count
  • Kind: Delta
  • Type: INT64
  • Unit: 1
Cumulative count of completed requests. The following labels apply:
  • protocol indicates the request's protocol, such as http or grpc.
  • response_code is the HTTP (or equivalent for gRPC) response code for HTTP/gRPC requests. See code list.
  • response_code_class is the class (or equivalent for gRPC) of the response code, such as `200` or `400`.
  • grpc_status_code is the gRPC response code or its HTTP equivalent. See code list.
serviceruntime.googleapis.com/api/request_latencies
  • Kind: Delta
  • Type: DISTRIBUTION
  • Unit: Seconds
Distribution of latencies for non-streaming requests.
serviceruntime.googleapis.com/api/request_sizes
  • Kind: Delta
  • Type: DISTRIBUTION
  • Unit: Byte
Distribution of request sizes. Request size is recorded when a request completes.
serviceruntime.googleapis.com/api/response_sizes
  • Kind: Delta
  • Type: DISTRIBUTION
  • Unit: Byte
Distribution of response sizes. Response size is recorded when a request completes.

Custom metrics

Additionally, Certificate Manager writes the following custom metrics using the Cloud Monitoring API:

Metric Description
certificatemanager.googleapis.com/project/certificates
  • Kind: GAUGE
  • Type: INT64
  • Unit: 1
Number of certificates provisioned within the target Cloud project. The following labels apply:
  • type indicates whether the certificate is Google-managed (MANAGED) or self-managed (SELF_MANAGED).
  • scope indicates whether the certificate scope is Cloud Load Balancing (DEFAULT) or Media CDN (EDGE_CACHE).
  • is_active indicates whether the certificate is active. Valid values are true and false.
certificatemanager.googleapis.com/map/entries
  • Kind: GAUGE
  • Type: INT64
  • Unit: 1
Number of certificate map entries provisioned within the target Cloud project. The following labels apply:
  • is_primary indicates whether the certificate map entry is the primary entry in the certificate map. Valid values are true and false.

What's next