Reputation: 1242
"No Log sinks are configured" when trying to export logs
I was trying to export logs from Stackdriver Logging interface.
I clicked "Logs" from the left menu, and then Exports, now I see a message saying: "No Log sinks are configured."
I tried looking at Google's documentation and there was nothing relevant there, actually this is the first appearance of the string "No Log sinks are configured." in Google search.
EDIT:
Another approach, using the Cloud Shell, I typed the following command:
$ gcloud beta logging sinks create direct-log storage.googleapis.com/log_export_bucket --log compute.googleapis.com/syslog
ERROR: (gcloud.beta.logging.sinks.create) PERMISSION_DENIED: The caller does not have permission
Upvotes: 2
Views: 1677
Answers (2)
Reputation: 1714
Logging configuration
The PERMISSION_DENIED gcloud errors suggests the account from which you are trying to create this sink does not have a Project Owner role or Logs Configuration Writer role. These are of course required as mentioned in the documentation you've already referenced. To see if this is in place, you can inspect a given account's roles using Cloud IAM and ensure the account currently logged in has the proper roles. At this point, the CREATE EXPORT should be available to click under Stackdriver Logging - Logs.
Selection a destination
At this point, you'll need to set up a destination such as a Cloud Storage bucket with appropriate permissions [email protected]. According to Creating sinks however, this will be done for you when creating the sink.
As part of creating the sink, Stackdriver Logging will first grant itself ([email protected]) permission to write to your destination.
Nevertheless, you can verify that [email protected] was granted the appropriate permission in Cloud IAM to ensure Stackdriver Logging will be authorized to write to the given destination. In the case of Cloud Storage, [email protected] requires Owner permissions to the specified bucket as describe in Destination authorization.
In Cloud Storage, the group [email protected] is given Owner permission to your bucket.
Note that using these destinations will most likely require you to enable billing.
Further errors
The above steps are all that is required to create a sink and setup log exporting. If you've verified all aforementioned credentials/permissions and still face the same error(s), I would suggest filing a defect report on the Google Cloud Platform public issue tracker. We can reach out at that point and privately inspect the privileges setup to investigate this behavior that differs from the documentation.
Upvotes: 1
Reputation: 1260
I think there are two things going on in this situation.
- In the UI, the "No Log sinks are configured" message is just informing you that no export rules have been set up yet. To set them up, you go to the main logging view, choose the logs you want to export by filtering for them, and click "Create Export" to create them.
- The message you're getting from gcloud suggests that you may not have permissions on the project you're trying to edit to create new export sinks. Is this a project you own? If not, the owner needs to grant you the "Logs Configuration Writer" role (and possibly also the "Logs Viewer" role, so you can see the logs you're trying to export before you create the export rule to make sure they're the ones you intend to export).
Upvotes: 1
Related Questions
- Logs are not getting exported at log sink as per the inclusion filter of timestamp
- Logs aren't arriving in Cloud Logging from Google Compute Engine
- How to export previous logs in Stackdriver
- GCP Logging Sink not exporting
- Logs not showing in Google Cloud Platform Stackdriver when using new Google Cloud logging jar
- No logs are created in Stackdriver logging
- Google Cloud Logs not exporting to storage
- GCP Logging - read only logs that are not exported to any sink
- How to set up a custom log destination using Google Cloud Stackdriver Log Export service
- Issues With Google Log Exporter