Google Cloud fields | Filebeat Reference [7.4]

IMPORTANT: No additional bug fixes or documentation updates will be released for this version. For the latest information, see the current release documentation.

› ›

« Envoyproxy fields haproxy fields »

Google Cloud fieldsedit

Module for handling logs from Google Cloud.

googlecloudedit

Fields from Google Cloud logs.

vpcflowedit

Fields for Google Cloud VPC flow logs.

googlecloud.vpcflow.reporter

The side which reported the flow. Can be either SRC or DEST.

type: keyword

googlecloud.vpcflow.rtt.ms

Latency as measured (for TCP flows only) during the time interval. This is the time elapsed between sending a SEQ and receiving a corresponding ACK and it contains the network RTT as well as the application related delay.

type: long

destination.instanceedit

If the destination of the connection was a VM located on the same VPC, this field is populated with VM instance details. In a Shared VPC configuration, project_id corresponds to the project that owns the instance, usually the service project.

googlecloud.vpcflow.destination.instance.project_id

ID of the project containing the VM.

type: keyword

googlecloud.vpcflow.destination.instance.region

Region of the VM.

type: keyword

googlecloud.vpcflow.destination.instance.zone

Zone of the VM.

type: keyword

destination.vpcedit

If the destination of the connection was a VM located on the same VPC, this field is populated with VPC network details. In a Shared VPC configuration, project_id corresponds to that of the host project.

googlecloud.vpcflow.destination.vpc.project_id

ID of the project containing the VM.

type: keyword

googlecloud.vpcflow.destination.vpc.vpc_name

VPC on which the VM is operating.

type: keyword

googlecloud.vpcflow.destination.vpc.subnetwork_name

Subnetwork on which the VM is operating.

type: keyword

source.instanceedit

If the source of the connection was a VM located on the same VPC, this field is populated with VM instance details. In a Shared VPC configuration, project_id corresponds to the project that owns the instance, usually the service project.

googlecloud.vpcflow.source.instance.project_id

ID of the project containing the VM.

type: keyword

googlecloud.vpcflow.source.instance.region

Region of the VM.

type: keyword

googlecloud.vpcflow.source.instance.zone

Zone of the VM.

type: keyword

source.vpcedit

If the source of the connection was a VM located on the same VPC, this field is populated with VPC network details. In a Shared VPC configuration, project_id corresponds to that of the host project.

googlecloud.vpcflow.source.vpc.project_id

ID of the project containing the VM.

type: keyword

googlecloud.vpcflow.source.vpc.vpc_name

VPC on which the VM is operating.

type: keyword

googlecloud.vpcflow.source.vpc.subnetwork_name

Subnetwork on which the VM is operating.

type: keyword

« Envoyproxy fields haproxy fields »