Skip to content
Snippets Groups Projects
Commit f2a081a7 authored by Harsimar Sandhu's avatar Harsimar Sandhu :three: Committed by Evan Read
Browse files

Docs for google cloud logging streaming

This commit adds documentation for Google
Cloud Logging audit event streaming for
a top level group

Changelog: other
parent a7ef301d
No related branches found
No related tags found
1 merge request!124038Docs for google cloud logging streaming
......@@ -144,6 +144,39 @@ mutation {
The header is created if the returned `errors` object is empty.
### Google Cloud Logging streaming
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/409422) in GitLab 16.1.
Prerequisites:
- Owner role for a top-level group.
- A Google Cloud project with the necessary permissions to create service accounts and enable Google Cloud Logging.
To enable streaming and add a configuration, use the
`googleCloudLoggingConfigurationCreate` mutation in the GraphQL API.
```graphql
mutation {
googleCloudLoggingConfigurationCreate(input: { groupPath: "my-group", googleProjectIdName: "my-google-project", clientEmail: "my-email@my-google-project.iam.gservice.account.com", privateKey: "YOUR_PRIVATE_KEY", logIdName: "audit-events" } ) {
errors
googleCloudLoggingConfiguration {
id
googleProjectIdName
logIdName
privateKey
clientEmail
}
errors
}
}
```
Event streaming is enabled if:
- The returned `errors` object is empty.
- The API responds with `200 OK`.
## List streaming destinations
List new streaming destinations for top-level groups or an entire instance.
......@@ -220,6 +253,37 @@ If the resulting list is empty, then audit streaming is not enabled for the inst
You need the ID values returned by this query for the update and delete mutations.
### Google Cloud Logging configurations
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/409422) in GitLab 16.1.
Prerequisite:
- Owner role for a top-level group.
You can view a list of streaming configurations for a top-level group using the `googleCloudLoggingConfigurations` query
type.
```graphql
query {
group(fullPath: "my-group") {
id
googleCloudLoggingConfigurations {
nodes {
id
logIdName
googleProjectIdName
privateKey
}
}
}
}
```
If the resulting list is empty, then audit streaming is not enabled for the group.
You need the ID values returned by this query for the update and delete mutations.
## Update streaming destinations
Update streaming destinations for a top-level group or an entire instance.
......@@ -313,6 +377,39 @@ mutation {
The header is updated if the returned `errors` object is empty.
### Google Cloud Logging configurations
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/409422) in GitLab 16.1.
Prerequisite:
- Owner role for a top-level group.
To update streaming configuration for a top-level group, use the
`googleCloudLoggingConfigurationUpdate` mutation type. You can retrieve the configuration ID
by [listing all the external destinations](#list-streaming-destinations).
```graphql
mutation {
googleCloudLoggingConfigurationUpdate(
input: {id: "gid://gitlab/AuditEvents::GoogleCloudLoggingConfiguration/1", groupPath: "my-group", googleProjectIdName: "my-google-project", clientEmail: "my-email@my-google-project.iam.gservice.account.com", privateKey: "YOUR_PRIVATE_KEY", logIdName: "audit-events"}
) {
errors
googleCloudLoggingConfiguration {
id
logIdName
privateKey
googleProjectIdName
}
}
}
```
Streaming configuration is updated if:
- The returned `errors` object is empty.
- The API responds with `200 OK`.
## Delete streaming destinations
Delete streaming destinations for a top-level group or an entire instance.
......@@ -384,6 +481,31 @@ Streaming destination is deleted if:
- The returned `errors` object is empty.
- The API responds with `200 OK`.
### Google Cloud Logging configurations
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/409422) in GitLab 16.1.
Prerequisite:
- Owner role for a top-level group.
Users with the Owner role for a group can delete streaming configurations using the
`googleCloudLoggingConfigurationDestroy` mutation type. You can retrieve the configurations ID
by [listing all the streaming destinations](#list-streaming-destinations) for the group.
```graphql
mutation {
googleCloudLoggingConfigurationDestroy(input: { id: "gid://gitlab/AuditEvents::GoogleCloudLoggingConfiguration/1" }) {
errors
}
}
```
Streaming configuration is deleted if:
- The returned `errors` object is empty.
- The API responds with `200 OK`.
## Event type filters
> Event type filters API [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/344845) in GitLab 15.7.
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment