Prisma Cloud Policy - Check if Logging is enabled for HTTP(S) Load Balancer in GCP

Showing results for 
Show  only  | Search instead for 
Did you mean: 
Please sign in to see details of an important advisory in our Customer Advisories area.

Prisma Cloud Policy - Check if Logging is enabled for HTTP(S) Load Balancer in GCP

L0 Member

Based on CIS Benchmark, there is an gcloud cli command to check if the Enable logging is enabled.


From Google Cloud CLI

  1. Run the following command

gcloud compute backend-services describe <servicename>

Global external Application Load Balancer logging and monitoring  |  Load Balancing  |  Google Cloud

How can I create a Prisma Cloud policy to check if the Load Balancer have the logs enabled?

Do you know which API we can use to do this? I'm trying with the following.
config from cloud.resource where cloud.type = 'gcp' and = 'gcloud-compute-external-backend-service' as X;


L3 Networker

Hi RSousa1,

An example on how to query if the logging is not enabled would look like this:

config from cloud.resource where cloud.type = 'gcp' AND = 'gcloud-compute-external-backend-service' AND json.rule = logConfig.enable is false



Brandon Goldstein, Sr. Customer Success Engineer, Prisma Cloud | PCCSE, GCP PCSE
  • 1 replies
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!