KRM API logging.gdc.goog/v1

logging.gdc.goog/v1

Contains API Schema definitions for the Logging group.

AlertRule

Defines the alert rules configuration.

Appears in: - LoggingRuleSpec

Field Description
alert string The alert name. Its value must be a valid label value.
expr string The PromQL or LogQL expression to evaluate the alert rule.
for string The duration in seconds over which the specified condition must be met to move the alert from the pending state to the open state.
labels object (keys:string, values:string) The labels to add or overwrite. The required labels in this field are severity: [error, critical, warning, info], code: <short code for the error>, and resource: <component, service, or hardware related to the alert>. Any additional labels are optional.
annotations object (keys:string, values:string) The annotations to add.

LoggingRule

Defines the Schema for the Logging Rules API.

Appears in: - LoggingRuleList

Field Description
apiVersion string logging.gdc.goog/v1
kind string LoggingRule
metadata ObjectMeta Refer to Kubernetes API documentation for fields of metadata.
spec LoggingRuleSpec
status LoggingRuleStatus

LoggingRuleList

Contains a list of logging rules.

Field Description
apiVersion string logging.gdc.goog/v1
kind string LoggingRuleList
metadata ListMeta Refer to Kubernetes API documentation for fields of metadata.
items LoggingRule array

LoggingRuleSpec

Defines the specification or expected state of the LoggingRule object.

Appears in: - LoggingRule

Field Description
source Source The log source on which to base alerts. Accepted values are operational and audit.
interval string The rule evaluation interval.
limit integer The limit number of alerts. A value of 0 means no limit.
recordRules RecordRule array The list of record rules.
alertRules AlertRule array The list of alert rules.

LoggingRuleStatus

Defines the observed state of the LoggingRule object.

Appears in: - LoggingRule

Field Description
conditions Condition array A list of conditions observed in the logging alerting stack.
lokiInstance string The name of the Loki host instance where the LoggingRule object is currently installed.

LoggingTarget

Defines the Schema for the operational logging targets API.

Appears in: - LoggingTargetList

Field Description
apiVersion string logging.gdc.goog/v1
kind string LoggingTarget
metadata ObjectMeta Refer to Kubernetes API documentation for fields of metadata.
spec LoggingTargetSpec
status LoggingTargetStatus

LoggingTargetList

Contains a list of logging targets.

Field Description
apiVersion string logging.gdc.goog/v1
kind string LoggingTargetList
metadata ListMeta Refer to Kubernetes API documentation for fields of metadata.
items LoggingTarget array

LoggingTargetSelectors

Provides selectors that determine which pods or containers to collect logs from.

Appears in: - LoggingTargetSpec

Field Description
matchClusters string array The clusters to collect logs from. The default configuration is to collect logs from all clusters. The relationship between different clusters is an OR relationship. For example, the value ["admin", "system"] indicates to consider the admin cluster OR the system cluster.
matchPodNames string array The pod name prefixes to collect logs from. The Observability platform scrapes all pods with names that start with the specified prefixes. The values must contain [a-z0-9-] characters only. The relationship between different list elements is an OR relationship.
matchContainerNames string array The container name prefixes to collect logs from. The Observability platform scrapes all containers with names that start with the specified prefixes. The values must contain [a-z0-9-] characters only. The relationship between different list elements is an OR relationship.

LoggingTargetSpec

Defines the specification or expected state of the LoggingTarget object.

Appears in: - LoggingTarget

Field Description
selector LoggingTargetSelectors The matching pattern that identifies pods or containers to collect logs from. The relationship between different selectors is an AND relationship, so all selectors are considered.
logAccessLevel LogAccessLevel The access level for log entries. The default value is AO for Application Operator.
parser OperationalLogParser The predefined parser for log entries.
serviceName string A service name to apply as a label. For user workloads, you can consider this field for a workload name.
additionalFields object (keys:string, values:string) The additional static fields to apply to log entries. This field is a mapping of key-value pairs, where the field name is the key and the field value is the value.

LoggingTargetStatus

Defines the observed state of the LoggingTarget object.

Appears in: - LoggingTarget

Field Description
conditions Condition array A list of conditions observed in the logging stack.

RecordRule

Defines the record rules configuration.

Appears in: - LoggingRuleSpec

Field Description
record string The time series in which to write the record rule. It must be a valid metric name.
expr string The PromQL or LogQL expression to evaluate the record rule.
labels object (keys:string, values:string) The labels to add or overwrite.

SIEMOrgForwarder

SIEMOrgForwarder is the Schema for the SIEMOrgForwarder API, which defines the type of logs - either audit or operational, and the external SIEM destination where the logs will be forwarded to.

Appears in: - SIEMOrgForwarderList

Field Description
apiVersion string logging.gdc.goog/v1
kind string SIEMOrgForwarder
metadata ObjectMeta Refer to Kubernetes API documentation for fields of metadata.
spec SIEMOrgForwarderSpec
status SIEMOrgForwarderStatus

SIEMOrgForwarderList

SIEMOrgForwarderList contains a list of SIEMOrgForwarders.

Field Description
apiVersion string logging.gdc.goog/v1
kind string SIEMOrgForwarderList
metadata ListMeta Refer to Kubernetes API documentation for fields of metadata.
items SIEMOrgForwarder array

SIEMOrgForwarderSpec

SIEMOrgForwarderSpec defines the desired state of SIEMOrgForwarder.

Appears in: - SIEMOrgForwarder

Field Description
source LogType The type of logs that will be exported to a SIEM. Accepted values are operational and audit.
splunkOutputs SplunkOutput array The list of Splunk outputs.

SIEMOrgForwarderStatus

SIEMOrgForwarderStatus defines the observed state of SIEMOrgForwarder.

Appears in: - SIEMOrgForwarder

Field Description
conditions Condition array Defines the observed state of SIEMOrgForwarder.

SplunkOutput

Defines the Splunk output configuration.

Appears in: - SIEMOrgForwarderSpec

Field Description
host string The host name of the target Splunk service.
token Token The token which specifies the Authentication Token for the HTTP Event Collector interface.
tls string The TLS. https://docs.fluentbit.io/manual/administration/transport-security
netConnectTimeout integer The NetConnectTimeout as the maximum time expressed in seconds to wait for a TCP connection to be established, this include the TLS handshake time.

Token

Defines SIEM's token configuration.

Appears in: - SplunkOutput

Field Description
name string Name of the token.
field string Field of the token.