How to View Source of Interconnect Attachment Egre...

kcchris · 01-21-2022 02:37 PM

Hello all.

First, please excuse the newb-ish question. I am ACTUALLY quite new to learning GCP. So if this is not the right location for this question, or it's been answered somewhere else (I couldn't find) please let me know and direct me there.

I've read all the google documentation there is on logging/monitoring for interconnect attachments. I am trying to develop useful documentation for our SRE team to use in troubleshooting anomalous spikes in interconnect attachment traffic. The easy part is in the monitoring section, where I can see WHAT attachment has had the highest spikes. The difficult part has been in determining who or what is causing those spikes. I feel like I'm going in circles and am unable to find the source itself.

Any tips?

Anik

Hello,

Thank you for reaching the Google Cloud community. If you mean to monitor and troubleshoot “Anomalous traffic spikes”, a good place to start would be to check VPC flow logs[1] as this may give you a good indication of the source of the traffic in addition to the cloud monitoring[2-3]. VPC Flow Logs pricing is described in this GCP doc[4].

Sincerely,

Anik

Reference:

[1]: https://cloud.google.com/vpc/docs/using-flow-logs#use_cases

[2]:https://cloud.google.com/network-connectivity/docs/interconnect/how-to/monitoring

[3]https://cloud.google.com/monitoring/api/metrics_gcp#gcp-interconnect

[4]https://cloud.google.com/vpc/network-pricing#network-telemetry

How to View Source of Interconnect Attachment Egress Bytes