Google on Thursday introduced VPC Flow Logs to the Google Cloud Platform (GCP), a new tool for tracking network operations.
VPC Flow Logs is like Cisco's NetFlow, "but with more features," GCP Product Manager Ines Envid explained in a blog post. It provides network telemetry for GCP environments, creating logs in five-second intervals.
Users can collect telemetry from a specific VPC (virtual private cloud) network, a subnet, or a specific VM instance or virtual interface. The tool tracks data from internal VPC traffic, flows between a VPC and on-premise deployments, flows between servers and any internet endpoint, as well as flows between servers and Google services.
Once the data is collected, a user can export it to Google's BigQuery or Stackdriver Logging. With the Cloud Pub/Sub API, you can export logs into any SIEM ecosystem. VPC Flow Logs also integrates with Cisco Stealthwatch and SumoLogic two, two leading logging and analytics platforms.
The logging and monitoring tool should help users track application performance from the perspective of the network, help optimize network usage, and help perform network forensics when investigating unusual behavior.