logging.gdc.goog/v1
Contains API Schema definitions for the Logging group.
AlertRule
Defines the alert rules configuration.
Appears in: - LoggingRuleSpec
| Field | Description |
|---|---|
alert string |
The alert name. Its value must be a valid label value. |
expr string |
The PromQL or LogQL expression to evaluate the alert rule. |
for string |
The duration in seconds over which the specified condition must be met to move the alert from the pending state to the open state. |
labels object (keys:string, values:string) |
The labels to add or overwrite. The required labels in this field are severity: [error, critical, warning, info], code: <short code for the error>, and resource: <component, service, or hardware related to the alert>. Any additional labels are optional. |
annotations object (keys:string, values:string) |
The annotations to add. |
LoggingRule
Defines the Schema for the Logging Rules API.
Appears in: - LoggingRuleList
| Field | Description |
|---|---|
apiVersion string |
logging.gdc.goog/v1 |
kind string |
LoggingRule |
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
spec LoggingRuleSpec |
|
status LoggingRuleStatus |
LoggingRuleList
Contains a list of logging rules.
| Field | Description |
|---|---|
apiVersion string |
logging.gdc.goog/v1 |
kind string |
LoggingRuleList |
metadata ListMeta |
Refer to Kubernetes API documentation for fields of metadata. |
items LoggingRule array |
LoggingRuleSpec
Defines the specification or expected state of the LoggingRule object.
Appears in: - LoggingRule
| Field | Description |
|---|---|
source Source |
The log source on which to base alerts. Accepted values are operational and audit. |
interval string |
The rule evaluation interval. |
limit integer |
The limit number of alerts. A value of 0 means no limit. |
recordRules RecordRule array |
The list of record rules. |
alertRules AlertRule array |
The list of alert rules. |
LoggingRuleStatus
Defines the observed state of the LoggingRule object.
Appears in: - LoggingRule
| Field | Description |
|---|---|
conditions Condition array |
A list of conditions observed in the logging alerting stack. |
lokiInstance string |
The name of the Loki host instance where the LoggingRule object is currently installed. |
LoggingTarget
Defines the Schema for the operational logging targets API.
Appears in: - LoggingTargetList
| Field | Description |
|---|---|
apiVersion string |
logging.gdc.goog/v1 |
kind string |
LoggingTarget |
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
spec LoggingTargetSpec |
|
status LoggingTargetStatus |
LoggingTargetList
Contains a list of logging targets.
| Field | Description |
|---|---|
apiVersion string |
logging.gdc.goog/v1 |
kind string |
LoggingTargetList |
metadata ListMeta |
Refer to Kubernetes API documentation for fields of metadata. |
items LoggingTarget array |
LoggingTargetSelectors
Provides selectors that determine which pods or containers to collect logs from.
Appears in: - LoggingTargetSpec
| Field | Description |
|---|---|
matchClusters string array |
The clusters to collect logs from. The default configuration is to collect logs from all clusters. The relationship between different clusters is an OR relationship. For example, the value ["admin", "system"] indicates to consider the admin cluster OR the system cluster. |
matchPodNames string array |
The pod name prefixes to collect logs from. The Observability platform scrapes all pods with names that start with the specified prefixes. The values must contain [a-z0-9-] characters only. The relationship between different list elements is an OR relationship. |
matchContainerNames string array |
The container name prefixes to collect logs from. The Observability platform scrapes all containers with names that start with the specified prefixes. The values must contain [a-z0-9-] characters only. The relationship between different list elements is an OR relationship. |
LoggingTargetSpec
Defines the specification or expected state of the LoggingTarget object.
Appears in: - LoggingTarget
| Field | Description |
|---|---|
selector LoggingTargetSelectors |
The matching pattern that identifies pods or containers to collect logs from. The relationship between different selectors is an AND relationship, so all selectors are considered. |
logAccessLevel LogAccessLevel |
The access level for log entries. The default value is AO for Application Operator. |
parser OperationalLogParser |
The predefined parser for log entries. |
serviceName string |
A service name to apply as a label. For user workloads, you can consider this field for a workload name. |
additionalFields object (keys:string, values:string) |
The additional static fields to apply to log entries. This field is a mapping of key-value pairs, where the field name is the key and the field value is the value. |
LoggingTargetStatus
Defines the observed state of the LoggingTarget object.
Appears in: - LoggingTarget
| Field | Description |
|---|---|
conditions Condition array |
A list of conditions observed in the logging stack. |
RecordRule
Defines the record rules configuration.
Appears in: - LoggingRuleSpec
| Field | Description |
|---|---|
record string |
The time series in which to write the record rule. It must be a valid metric name. |
expr string |
The PromQL or LogQL expression to evaluate the record rule. |
labels object (keys:string, values:string) |
The labels to add or overwrite. |
SIEMOrgForwarder
SIEMOrgForwarder is the Schema for the SIEMOrgForwarder API, which defines the type of logs - either audit or operational, and the external SIEM destination where the logs will be forwarded to.
Appears in: - SIEMOrgForwarderList
| Field | Description |
|---|---|
apiVersion string |
logging.gdc.goog/v1 |
kind string |
SIEMOrgForwarder |
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
spec SIEMOrgForwarderSpec |
|
status SIEMOrgForwarderStatus |
SIEMOrgForwarderList
SIEMOrgForwarderList contains a list of SIEMOrgForwarders.
| Field | Description |
|---|---|
apiVersion string |
logging.gdc.goog/v1 |
kind string |
SIEMOrgForwarderList |
metadata ListMeta |
Refer to Kubernetes API documentation for fields of metadata. |
items SIEMOrgForwarder array |
SIEMOrgForwarderSpec
SIEMOrgForwarderSpec defines the desired state of SIEMOrgForwarder.
Appears in: - SIEMOrgForwarder
| Field | Description |
|---|---|
source LogType |
The type of logs that will be exported to a SIEM. Accepted values are operational and audit. |
splunkOutputs SplunkOutput array |
The list of Splunk outputs. |
SIEMOrgForwarderStatus
SIEMOrgForwarderStatus defines the observed state of SIEMOrgForwarder.
Appears in: - SIEMOrgForwarder
| Field | Description |
|---|---|
conditions Condition array |
Defines the observed state of SIEMOrgForwarder. |
SplunkOutput
Defines the Splunk output configuration.
Appears in: - SIEMOrgForwarderSpec
| Field | Description |
|---|---|
host string |
The host name of the target Splunk service. |
token Token |
The token which specifies the Authentication Token for the HTTP Event Collector interface. |
tls string |
The TLS. https://docs.fluentbit.io/manual/administration/transport-security |
netConnectTimeout integer |
The NetConnectTimeout as the maximum time expressed in seconds to wait for a TCP connection to be established, this include the TLS handshake time. |
Token
Defines SIEM's token configuration.
Appears in: - SplunkOutput
| Field | Description |
|---|---|
name string |
Name of the token. |
field string |
Field of the token. |