Monitoring Cloud DLP Usage with Stackdriver

Cloud Data Loss Prevention (DLP) sends detailed telemetry about your Cloud DLP usage to Stackdriver. This can be useful to monitor for unexpected findings, amount of data scanned or transformed, errors in job triggers or jobs, and expenses.

Using Stackdriver

Using Metrics Explorer in Stackdriver, you can dig into available metrics data to give you insight into your Cloud DLP usage. Stackdriver supports a wide variety of metrics, which you can combine with filters and aggregations for new and insightful views.

To go to Metrics Explorer, do the following:

In the Google Cloud Console, select Monitoring, or use the following button:

Go to Monitoring
Select Resources > Metrics Explorer.

To see Cloud DLP-specific metrics in Metrics Explorer, search with dlp.googleapis.com to refine your search results.

To see API metrics in Metrics Explorer, select Consumed API as the resource type, and then use the filter and aggregation options to refine your data.

After you've found the metrics you want, you can use Stackdriver to create custom dashboards and alerts that will help you continue to monitor and maintain a robust application.

Monitoring & Graphing Metrics

When graphing metrics, the most common way to do so is to aggregate using Advanced Aggregation and the following settings:

Aligner: SUM
Alignment Period: 1440

Stackdriver metric configuration (click to enlarge)

This will provide you with a chart showing you results per day.

Stackdriver supports alerting on all metrics. Using the Cloud DLP metrics, you can alert on use cases that include:

Monitor content_bytes_inspected_count or content_bytes_transformed_count to alert when spend has exceeded budget for a day.
Alert when the number of total findings or findings for a specific infoType exceed a threshold. For example, you can build an alert if CREDIT_CARD_NUMBER findings exceed 0 in a given project where no PII should exist.

Available Metrics

Launch stages of these metrics: Beta

Metric type Display name
Kind, Type, Unit Launch stage	Description Labels
`finding_count` Number of findings
`DELTA`, `INT64`, `By` Beta	Number of findings per second. Only populated for jobs where the action `PublishToStackdriver` is included.
`content_bytes_inspected_count` Content bytes inspected
`DELTA`, `INT64`, `By` Beta	Number of bytes inspected in content methods per second.
`content_bytes_transformed_count` Content bytes transformed
`DELTA`, `INT64`, `By` Beta	Number of bytes transformed in content methods per second.
`storage_bytes_inspected_count` Storage bytes inspected
`DELTA`, `INT64`, `By` Beta	Number of bytes inspected in Cloud DLP jobs.
`storage_bytes_transformed_count` Storage bytes transformed
`DELTA`, `INT64`, `By` Beta	Number of bytes transformed in Cloud DLP jobs.
`job_result_count` Job results
`DELTA`, `INT64`, `1` Beta	Results of Cloud DLP jobs. True if the job was success and false otherwise.
`job_trigger_run_count` Job trigger runs
`DELTA`, `INT64`, `1` Beta	Results of job trigger runs.

Was this page helpful? Let us know how we did:

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see our Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated December 4, 2019.