Google Cloud VPC Flow Logs allow admins to track network flows in 'near real-time'

The feature offers network telemetry for Google Cloud Platform environments, providing logs every five seconds.

Why machine learning is so critical to the future of Google Cloud
Building a slide deck, pitch, or presentation? Here are the big takeaways:
  • A new Google Cloud Platform feature called VPC Flow Logs offers near real-time network flow tracking, with logs created every five seconds.
  • Improved network flow tracking in near real-time could improve network security and help admins optimize their networks for security and performance.

A new feature called VPC Flow Logs could improve network monitoring and transparency for Google Cloud Platform (GCP) admins, Google announced in a Thursday blog post.

The feature will allow GCP admins to "track network flows all the way down to an individual virtual interface, in near-real-time," according to the post. It brings "flow-level network telemetry" for these environments, and will create log intervals of about five seconds, the post said.

In terms of how it can be used, telemetry can be collected for an entire VPC network, or an individual virtual interface or VM Instance, the post said. VPC Flow Logs can capture data from internal VPC traffic, flows between a VPC and on-premises deployment (over both VPNs and Google Cloud Interconnects), flows between a server and internet endpoint, or flows between a server and Google services, the post noted.

SEE: Cloud computing policy (Tech Pro Research)

Users can also export data from VPC Flow Logs to Stackdriver Logging or BigQuery.

Since VPC Flow Logs provides such network transparency in such fast intervals, it could make quite a few network operations easier for admins. In monitoring applications, the data can be used to debug and troubleshoot aps, but also to optimize for performance.

Admins can also use VPC Flow Logs to optimize for bandwidth utilization, load balancing, or content distribution to best utilize network costs, the post said. It can also help users perform network forensics when investigating odd behavior, the post said, and the logs can be used for compliance purposes as well.

With the Cloud Pub/Sub API, users can export their logs into any SIEM ecosystem to be used for security analysis. And, according to the post, "this happens with near real-time accuracy (updates every 5 seconds vs. minutes), with absolutely no performance impact on your deployment."

At the launch of VPC Flow Logs, integrations will be offered with the Cisco Stealthwatch and SumoLogic platforms, the post said, with more information about the integrations coming soon.

Also see

Image: iStockphoto/zhudifeng