Log streaming: Google Cloud Storage

Fastly's Real-Time Log Streaming feature can send log files to Google Cloud Storage (GCS). GCS is an online file storage service used for storing and accessing data on Google's infrastructure. One advantage of using GCS is that you can use Google BigQuery to analyze the log files.

Prerequisites

Before adding GCS as a logging endpoint for Fastly services, you will need to:

  • Register for a GCS account.
  • Create a bucket and service account on Google's website.
  • Obtain the private_key and client_email from the JSON file associated with the service account.
  • Enable the Google Cloud Storage JSON API.

Creating a GCS bucket

You can create a new GCS bucket to hold the logs, or you can use an existing bucket. Be sure to note the name of the bucket as you will need it later. To learn how to create a GCS bucket, see Google's guide on creating a bucket.

Creating a service account

GCS uses service accounts for third-party application authentication. You will need to create a new service account on Google's website with the role of Storage Object Creator and make sure you've added it as a member of the GCS bucket you created. To learn how to create a service account, see Google's guide on generating a service account credential. When you create the service account, be sure to set the Key Type to JSON.

Obtaining the private key and client email

After you create the service account, a JSON file will be downloaded to your computer. This file contains the credentials for the GCS service account you just created. Open the file with a text editor and make a note of the private_key and client_email.

Enabling the Google Cloud Storage JSON API

To ensure the Fastly logs are sent to your GCS bucket, you need to enable the Google Cloud Storage JSON API. For more information, see Google's instructions for activating the API.

Adding GCS as a logging endpoint

Follow these instructions to add GCS as a logging endpoint:

  1. Review the information in our Setting Up Remote Log Streaming guide.
  2. Click the Google Cloud Services Create endpoint button. The Create a Google Cloud Storage (GCS) endpoint page appears.

    The  Google Cloud Storage endpoint page

  3. Fill out the Create a Google Cloud Storage (GCS) endpoint fields as follows:
    • In the Name field, enter a human-readable name for the endpoint.
    • In the Placement area, select where the logging call should be placed in the generated VCL. Valid values are Format Version Default, waf_debug (waf_debug_log), and None. See our guide on changing log placement for more information.
    • In the Log format field, optionally enter an Apache-style string or VCL variables to use for log formatting. Our discussion of format strings provides more information.
    • In the Timestamp format field, optionally enter a timestamp format for log files. The default is an strftime compatible string. Our guide on changing where log files are written provides more information.
    • In the Email field, enter the client_email address listed in the JSON file associated with the service account you created on Google's website.
    • In the Bucket name field, enter the name of the GCS bucket in which to store the logs.
    • In the Secret key field, enter the private_key value listed in the JSON file associated with the service account you created on Google's website. We strip out the JSON newline escape characters for you so don't worry about removing them.
    • In the PGP public key field, optionally enter a PGP public key that Fastly will use to encrypt your log files before writing them to disk. You will only be able to read the contents by decrypting them with your private key. The PGP key should be in PEM (Privacy-Enhanced Mail) format. See our guide on log encryption for more information.
    • In the Period field, optionally enter an interval (in seconds) to control how frequently your log files are rotated. This value defaults to 3600 seconds.
  4. Click the Advanced options link of the Create a Google Cloud Storage (GCS) endpoint page and decide which of the optional fields to change, if any.

    the advanced options on the create a GCS endpoint page

  5. Fill out the Advanced options of the Create a Google Cloud Storage (GCS) endpoint page as follows:
    • In the Path field, optionally enter the path within the bucket to store the files. The path ends with a trailing slash. If this field is left empty, the files will be saved in the bucket's root path. Our guide on changing where log files are written provides more information.
    • In the Select a log line format area, select the log line format for your log messages. Our guide on changing log line formats provides more information.
    • In the Compression field, optionally select the compression format you want applied to the log files. Our guide on changing log compression options provides more information.
  6. Click the Create button to create the new logging endpoint.
  7. Click the Activate button to deploy your configuration changes.
Back to Top