This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Billed for unknown FW

Posted on 04-29-2022 02:44 PM
AlNafi-Support
Bronze 2
Bronze 2
Reply posted on --/--/---- --:-- AM

Dear Respected Community,

I am new here in this community and this is my first post.

on 1st April someone triggered 2 FW in one of our projects. Which cost us $50 per day till the 15th of April. When I checked the logs, it showed that it was not executed by any user, in fact, it was done by one of its own services running in the same project. I opened a case with the billing dept. Thanks to GCP billing they have refunded. But I need to know what has happened that triggered those FWs. Is there something in our code or some other issue? Can someone help me out on this?

Appreciate your comments.

Thanks,

Osama Anwer

Solved Solved
0 1 166
Topic Labels
Jump to Solution
0 Likes
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
ulisescasas
Staff
Reply posted on --/--/---- --:-- AM

Hello,

I would suggest you review your logs, where you may need to filter by your resources allocated within the VPC for the corresponding rule triggered in your FWs. 

Alternatively:

  1. On the right side of the filter by label or text search field, click the down arrow and select Convert to advanced filter.

Paste the following into the field. Replace PROJECT_ID with your project ID.
 

resource.type="gce_subnetwork"

  1. logName="projects/PROJECT_ID/logs/compute.googleapis.com%2Ffirewall"

Document for Logs Explorer interface attached- https://cloud.google.com/logging/docs/view/logs-explorer-interface

How to view FW logs: https://cloud.google.com/vpc/docs/using-firewall-rules-logging#all_firewall_logs

 

Regards

View solution in original post

Jump to Solution
1 REPLY 1

Posted on --/--/---- --:-- AM
ulisescasas
Staff
Reply posted on --/--/---- --:-- AM

Hello,

I would suggest you review your logs, where you may need to filter by your resources allocated within the VPC for the corresponding rule triggered in your FWs. 

Alternatively:

  1. On the right side of the filter by label or text search field, click the down arrow and select Convert to advanced filter.

Paste the following into the field. Replace PROJECT_ID with your project ID.
 

resource.type="gce_subnetwork"

  1. logName="projects/PROJECT_ID/logs/compute.googleapis.com%2Ffirewall"

Document for Logs Explorer interface attached- https://cloud.google.com/logging/docs/view/logs-explorer-interface

How to view FW logs: https://cloud.google.com/vpc/docs/using-firewall-rules-logging#all_firewall_logs

 

Regards

Jump to Solution
Top Labels in this Space
Top Solution Authors
View all