Enable event logs in GCP

Configure Google Cloud Logs Router to sync IAM service event logs from Atlan's Log Explorer to your GCP destination, enabling continuous security monitoring and SIEM integration.

Prerequisites

You need:

• Google Cloud project with Logs Router access
• Destination details (must be supported by Logs Router)
• Permissions to configure service account access for the destination

Configure logs router

1. Provide destination details to Atlan.

   • Specify the destination bucket or service
   • Confirm the destination is supported by Logs Router

2. Atlan creates the Log Router sink to sync logs from Log Explorer to your destination.

   • A service account is generated for authentication

3. Receive the service account details from Atlan.

   • Use these details to configure destination permissions

4. Configure necessary permissions for the service account.

   • Follow Google documentation for your specific destination type

5. Confirm permissions are configured.

   • Logs begin syncing to your preferred destination once permissions are set

Verify log syncing

Atlan sends logs to Google Cloud Logs Explorer. Log Router then syncs logs from Log Explorer to your destination. New sinks to Cloud Storage buckets may take several hours to start routing log entries. Cloud Storage sinks are processed hourly, while other destination types are processed in real time. Monitor your destination to confirm logs are being received.

See also

• Cloud logging and monitoring: Understand log format, structure, and security details.