Enable Logging
Transfer Appliance uses logging to export certain system logs generated on the appliance to Google Cloud Observability making it easier to access them.
The steps to enable logging depend on whether you've set up online transfer:
If you've set up online transfer, and granted the
Logging Log Writerrole to the service account, no further configuration is required.If you've set up online transfer, but didn't add the
Logging Log Writerrole, add the role to your user-managed service account at the project level. No need to regenerate the service account key after adding or changing roles.If you haven't set up online transfer, follow the instructions to create and configure a user-managed service account. Only the
Logging Log Writerrole is required for logging.
Once you've completed the required steps:
- Connect to the appliance.
- Start reporting logs from the appliance
ta logging start
Disable logging on the appliance
To stop reporting logs from the appliance run the following command from the Transfer Appliance command line:
ta logging stop
View logs
To query for logs, you can use the label.sessionID field in the Google Cloud's
Google Cloud Observability.
labels.sessionID={sessionID}
The following are some of the logs that are exported:
Fluent Bit
Docker
Kernel
Metadata partition
capture
ta_check
activation_service
You can view the logs in Cloud Logging by using the Google Cloud console, the Google Cloud CLI, or the Logging API.
Troubleshooting
An error occurred while enabling logging
If the service account key file /tmp/key.json is not found on the appliance,
an error is returned.
Refer to Create and configure a Google-managed service account for instructions on configuring a service account and copying the key file to your appliance.