Connect to Google Cloud Platform: Guided setup and other options

Connect your Google Cloud Platform / GCP account to Splunk Observability Cloud.

You can connect your GCP account and send data to Splunk Observability Cloud with the following methods:

Connect to GCP using the guided setup
Integrate GCP using the API
Connect to GCP using Terraform

Note: Before you connect, make sure to read GCP authentication, permissions and supported regions.

Connect to GCP using the guided setup

Follow these steps to connect to GCP:

1. Define a role for your GCP service account
2. Configure GCP
3. Connect to Splunk Observability Cloud and start the integration

1. Define a role for your GCP principal

Use GCP’s Viewer role as it comes with the permissions you need for most scenarios.

To customize the permissions for your role refer to GCP role permissions.

2. Configure your GCP services

To configure your GCP service:

Log into your GCP account and select the project you want to monitor in the GCP web console.
Authenticate your GCP project using Workload Identity Federation or Service Account Keys.

Note: To monitor multiple GCP projects, repeat the steps described in this section for each one of the projects.

3. Connect your GCP services to Splunk Observability Cloud and start the integration

By default, Splunk Observability Cloud monitors all supported services, and any new services added later are also monitored. When you set the parameters for your integration you can choose to import metrics from a subset of the available services.

Note: Splunk is not responsible for data availability, and it can take up to several minutes (or longer, depending on your configuration) from the time you connect until you start seeing valid data from your account.

Log in to Splunk Observability Cloud and open the Google Cloud Platform guided setup. Optionally, you can navigate to the guided setup on your own:

In the left navigation menu, select Data Management.
Go to the Available integrations tab, or select Add Integration in the Deployed integrations tab.
In the integration filter menu, select By Use Case, and select the Monitor Infrastructure use case.
In the Cloud Integrations section, select the Google Cloud Platform tile to open the Google Cloud Platform guided setup.

Authenticate with Workload Identity Federation (WIF)

In the wizard, select Workload Identity Federation (WIF) as the authentication method.
Continue to define the connection with GCP:
- Poll rate. Select the rate (in seconds) at which you want Splunk Observability Cloud to poll GCP for metric data, with 1 minute as the minimum unit, and 10 minutes as the maximum unit. For example, a value of 300 polls metrics once every 5 minutes.
- Specify if you want to use quota from the project where metrics are stored. See more at Use a single principal for your resources.
- Note that GCP metadata is automatically imported.
Prepare your GCP account following the steps on the UI.
Establish the connection:
- Name your integration.
- Import your WIF configuration. Learn more at Authenticate your Google account.
- Add your projects.
- Select your access token.
Select the data to import:
- Specify which GCP services you want to monitor.
- Optionally you can import additional data. See more at Import additional data.

Your GCP integration is now complete!

Authenticate with Service Account keys

In the wizard, select Service Account keys as the authentication method.
Continue to define the connection with GCP:
- Poll rate. Select the rate (in seconds) at which you want Splunk Observability Cloud to poll GCP for metric data, with 1 minute as the minimum unit, and 10 minutes as the maximum unit. For example, a value of 300 polls metrics once every 5 minutes.
- Specify if you want to use quota from the project where metrics are stored. See more at Use a single principal for your resources.
- Note that GCP metadata is automatically imported.
Prepare your GCP account following the steps on the UI.
Establish the connection:
- Name your integration.
- Project. Select Import service account keys to add a new project. Your project's ID is automatically extracted from the imported file. Follow the prompts to authenticate it. Learn more at Authenticate your Google account.
- Select your access token.
Select the data to import:
- Specify which GCP services you want to monitor.
- Optionally you can import additional data. See more at Import additional data.

Your GCP integration is now complete!

Use a single principal for your resources

In IAM you can grant access to your resources to one or more entities called principals, regardless of the authentication method (single Service Account or Workload Identity Federation).

If you are using a single principal for multiple projects, GCP tracks all API usage quota in the project where the principal originates from, which can result in throttling in your integration. To mitigate this, select Use quota from the project where metrics are stored. To use this option the principal provided for the project needs either the serviceusage.services.use permission or the Service Usage Consumer role.

For a more detailed description see Principals in GCP’s docs.

Import additional data

On step 5 of the guided set-up you can configure the import of the following additional data:

Custom Metric Type Domains. To list any additional GCP service domain names that you want to monitor, use commas to separate domain names in the Custom Metric Type Domains field. For example, to obtain Apigee metrics, add apigee.googleapis.com.
- For information on the available GCP metric domains refer to the official GCP docs at Google Cloud metrics .
- To learn about custom metric type domain syntax, see Custom metric type domain examples in the Splunk developer documentation.
Compute Metadata Included List. If you select Compute Engine as one of the services to monitor, you can enter a comma-separated list of Compute Engine Instance metadata keys to send as properties. These metadata keys are sent as properties named gcp_metadata_<metadata-key>.

For a more detailed description see Custom metric type domain examples in the Splunk developer documentation.

Alternatives to connect to GCP

Integrate GCP using the API

You can also integrate GCP with Splunk Observability Cloud using the GCP API.

See Integrate Google Cloud Platform Monitoring with Splunk Observability Cloud in our developer portal for details.

Connect to GCP using Terraform

To connect using Terraform, see Connect your cloud services using Splunk Terraform.

Next steps

To validate your setup, examine the details of your GCP integration as displayed in the list at the end of the setup page.

For details about the metrics provided by an GCP integration, see Google Cloud Monitoring metrics and metadata.
To send logs from GCP to Splunk Observability Cloud, follow the instructions in Send GCP logs to Splunk Platform.
Learn about Splunk Observability Cloud’s GCP Infrastructure Monitoring options.
To learn more about Splunk Observability Cloud’s data model, refer to Data types in Splunk Observability Cloud.

Documentation