Deployment Task

This article outlines the steps to identify the Stackdriver log that Aqua writes to after enabling the integration under System > Integration > Log Management > Google Cloud Logging.

Deployment Steps

1. Enable the Google Cloud Logging integration in Aqua by specifying the GCP project ID, key, and Log Name. In this example, the Log Name is 'aquaLog'. 
2. Verify that 'Test' returns successful and save the changes
3. Generate an Audit event, such as scanning an image that breaches image assurance policy. Here the centos:6 image was scanned and failed the policy.
4. In GCP, navigate to Stackdriver Logging and switch to the advanced filter:

5. Enter 'logName=' in the filter which opens a list of logs which includes 'projects/<project id>/logs/aquaLog. After selecting aquaLog, the Audit events are observed including the centos:6 policy failure event: