Sazabi
Data SourcesNative Data Sources

Google Cloud Logging

Forward logs from Google Cloud Logging to Sazabi for AI-powered analysis and investigation.

Google Cloud Logging is a native data source. Sazabi creates a log sink in your GCP project to forward logs automatically.

About this data source

When you connect your GCP project, Sazabi provisions a log sink that routes matching logs to Sazabi's intake via Pub/Sub. This gives you:

  • Automatic log forwarding without managing infrastructure
  • Real-time streaming as logs are written to Cloud Logging
  • Flexible log filters to control what gets forwarded
  • AI-powered analysis and investigation of your GCP logs

Prerequisites

Before you begin, make sure you have:

  • A GCP project with Cloud Logging enabled
  • A service account with the required roles
  • Billing enabled on the GCP project (required for Pub/Sub)

Setup

Create a service account

In your GCP project, create a service account with the following roles:

  • Browser (roles/browser) - to list and browse projects via Cloud Resource Manager during setup
  • Logs Configuration Writer (roles/logging.configWriter) - to create log sinks
  • Pub/Sub Admin (roles/pubsub.admin) - to create topics and subscriptions

You can create the service account using the Google Cloud Console or the gcloud CLI:

# Create the service account
gcloud iam service-accounts create sazabi-logs \
  --display-name="Sazabi Log Forwarding"

# Grant required roles
gcloud projects add-iam-policy-binding YOUR_PROJECT_ID \
  --member="serviceAccount:sazabi-logs@YOUR_PROJECT_ID.iam.gserviceaccount.com" \
  --role="roles/browser"

gcloud projects add-iam-policy-binding YOUR_PROJECT_ID \
  --member="serviceAccount:sazabi-logs@YOUR_PROJECT_ID.iam.gserviceaccount.com" \
  --role="roles/logging.configWriter"

gcloud projects add-iam-policy-binding YOUR_PROJECT_ID \
  --member="serviceAccount:sazabi-logs@YOUR_PROJECT_ID.iam.gserviceaccount.com" \
  --role="roles/pubsub.admin"

Generate a service account key

Create a JSON key file for the service account:

gcloud iam service-accounts keys create sazabi-key.json \
  --iam-account=sazabi-logs@YOUR_PROJECT_ID.iam.gserviceaccount.com

Keep this file secure. You will upload it to Sazabi in the next step.

Connect in Sazabi

Data Sources

Log in to Sazabi and go to Settings > Data Sources > Add Source.

Select Google Cloud Logging from the list of available data sources.

Upload your service account JSON key file when prompted.

Select GCP project

After authenticating, select the GCP project you want to forward logs from. If your service account has access to multiple projects, you can choose which one to connect.

Configure log filters (optional)

By default, Sazabi forwards all logs from the selected project. You can optionally specify a log filter to forward only matching logs.

Log filters use Google Cloud Logging's filter syntax. For example:

resource.type="cloud_run_revision"
severity>=WARNING

This filter forwards only warning and error logs from Cloud Run.

Leave the filter empty to forward all logs. You can modify the filter later from the data source settings.

Confirm and connect

Review your selections and click Connect. Sazabi will create the necessary resources in your GCP project. Logs will begin flowing within a few minutes.

What Sazabi creates

When you connect Google Cloud Logging, Sazabi provisions the following resources in your GCP project:

  • Log sink that routes matching logs to a Pub/Sub topic
  • Pub/Sub topic that receives log entries from the sink
  • Pub/Sub subscription that Sazabi uses to pull logs

These resources are created in your GCP project and are visible in the Google Cloud Console under Logging > Logs Router and Pub/Sub.

Verifying logs are flowing

Once connected, you can verify that logs are flowing to Sazabi:

  1. Ask the assistant: Open a thread in Sazabi and ask "Show me recent GCP logs" or "What errors appeared in Cloud Run in the last hour?"

  2. Check the dashboard: Navigate to your project in the Sazabi dashboard to see logs appear in real-time.

  3. Generate test logs: Trigger an action in your GCP environment (such as making a request to a Cloud Run service) and verify the logs appear in Sazabi.

Disconnecting

When you disconnect Google Cloud Logging from Sazabi:

  • Sazabi removes the log sink, Pub/Sub topic, and subscription it created
  • No logs are deleted from Cloud Logging
  • Historical logs already sent to Sazabi remain available until retention expires

To disconnect, go to Settings > Data Sources, find your GCP connection, and click Disconnect.

Troubleshooting

Service account permissions

If the connection fails during setup, verify the service account has all three required roles: Browser (roles/browser), Logs Configuration Writer, and Pub/Sub Admin. You can check assigned roles in the IAM section of the Google Cloud Console.

Billing not enabled

Pub/Sub requires billing to be enabled on the GCP project. If you see a billing-related error, enable billing in the Google Cloud Console under Billing > Account Management.

Log filter syntax errors

If your log filter is invalid, Sazabi will display an error during setup. Test your filter in the Google Cloud Console under Logging > Logs Explorer before using it in Sazabi. Refer to the filter syntax documentation for help.

Logs not arriving

  • Verify the log sink was created in Logging > Logs Router
  • Check that the Pub/Sub subscription is receiving messages
  • Confirm your log filter matches the logs you expect to see
  • Allow a few minutes for logs to propagate through the pipeline

AWS CloudWatch Logs

Forward logs from AWS CloudWatch to Sazabi for AI-powered analysis and investigation.

Vercel

Forward logs from Vercel deployments to Sazabi for AI-powered analysis and investigation.

On this page

About this data sourcePrerequisitesSetupCreate a service accountGenerate a service account keyConnect in SazabiSelect GCP projectConfigure log filters (optional)Confirm and connectWhat Sazabi createsVerifying logs are flowingDisconnectingTroubleshooting