02-22-2024 12:53 PM
Based on CIS Benchmark, there is an gcloud cli command to check if the Enable logging is enabled.
From Google Cloud CLI
gcloud compute backend-services describe <servicename>
Global external Application Load Balancer logging and monitoring | Load Balancing | Google Cloud
How can I create a Prisma Cloud policy to check if the Load Balancer have the logs enabled?
Do you know which API we can use to do this? I'm trying with the following.
config from cloud.resource where cloud.type = 'gcp' and api.name = 'gcloud-compute-external-backend-service' as X;
04-09-2024 03:20 PM
Hi RSousa1,
An example on how to query if the logging is not enabled would look like this:
config from cloud.resource where cloud.type = 'gcp' AND api.name = 'gcloud-compute-external-backend-service' AND json.rule = logConfig.enable is false
Regards,
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
