The following logs captures a VM initiating an upload request to Cloud Storage through a Private Service Connect (PSC) endpoint
Is there a unique identifier for all the 3 logs below that they belong to same connection
Firewall Logs
{
"insertId": "8c1ia9f8gifgs",
"jsonPayload": {
"disposition": "ALLOWED",
"rule_details": {
"destination_range": [
"10.0.2.0/32"
],
"priority": 1000,
"ip_port_info": [
{
"port_range": [
"443"
],
"ip_protocol": "TCP"
}
],
"direction": "EGRESS",
"action": "ALLOW",
"reference": "network:karthik-vm-cloudstorage-vpc/firewall:https-egress-allow"
},
"vpc": {
"project_id": "dev-3-455613",
"vpc_name": "karthik-vm-cloudstorage-vpc",
"subnetwork_name": "subnet1"
},
"instance": {
"vm_name": "karthik-vm-cloudstorage",
"zone": "asia-south1-c",
"region": "asia-south1",
"project_id": "dev-3-455613"
},
"connection": {
"dest_ip": "199.36.153.101",
"src_ip": "10.0.0.3",
"protocol": 6,
"dest_port": 443,
"src_port": 43008
}
},
"resource": {
"type": "gce_subnetwork",
"labels": {
"location": "asia-south1",
"subnetwork_id": "7303207563399409007",
"subnetwork_name": "subnet1",
"project_id": "dev-3-455613"
}
},
"timestamp": "2025-04-22T08:51:19.233187214Z",
"logName": "projects/dev-3-455613/logs/compute.googleapis.com%2Ffirewall",
"receiveTimestamp": "2025-04-22T08:51:29.476235817Z"
}
DNS Logs
{
"insertId": "dc60ghf1t7ly5",
"jsonPayload": {
"queryName": "storage-vmcsendpoint.p.googleapis.com.",
"serverLatency": 3,
"sourceIP": "10.0.0.3",
"vmZoneName": "asia-south1-c",
"vmInstanceName": "283347191889.karthik-vm-cloudstorage",
"vmProjectId": "dev-3-455613",
"protocol": "UDP",
"vmInstanceIdString": "8653066130415295471",
"dns64Translated": false,
"vmInstanceId": 8653066130415295000,
"responseCode": "NOERROR",
"rdata": "storage-vmcsendpoint.p.googleapis.com.\t60\tIN\ta\t10.0.2.0",
"authAnswer": true,
"sourceNetwork": "karthik-vm-cloudstorage-vpc",
"queryType": "A"
},
"resource": {
"type": "dns_query",
"labels": {
"location": "asia-south1",
"target_type": "service-directory-zone",
"target_name": "goog-psc-karthik-vm-cloudstor-8255967318381571456",
"project_id": "dev-3-455613",
"source_type": "gce-vm"
}
},
"timestamp": "2025-04-22T08:51:19.231419346Z",
"severity": "INFO",
"logName": "projects/dev-3-455613/logs/dns.googleapis.com%2Fdns_queries",
"receiveTimestamp": "2025-04-22T08:51:19.505324299Z"
}
Audit Logs
{
"protoPayload": {
"@type": "type.googleapis.com/google.cloud.audit.AuditLog",
"status": {},
"authenticationInfo": {
"principalEmail": "(PII Removed from Image by Staff)",
"serviceAccountDelegationInfo": [
{
"firstPartyPrincipal": {
"principalEmail": "service-283347191889@compute-system.iam.gserviceaccount.com"
}
}
]
},
"requestMetadata": {
"callerIp": "10.0.0.3",
"callerSuppliedUserAgent": "curl/7.88.1,gzip(gfe)",
"callerNetwork": "//compute.googleapis.com/projects/dev-3-455613/global/networks/__unknown__",
"requestAttributes": {
"time": "2025-04-22T08:51:19.344847273Z",
"auth": {}
},
"destinationAttributes": {}
},
"serviceName": "storage.googleapis.com",
"methodName": "storage.objects.create",
"authorizationInfo": [
{
"resource": "projects/_/buckets/apr-8-test-bucket/objects/random.txt",
"permission": "storage.objects.create",
"granted": true,
"resourceAttributes": {}
},
{
"resource": "projects/_/buckets/apr-8-test-bucket/objects/random.txt",
"permission": "storage.objects.delete",
"granted": true,
"resourceAttributes": {}
}
],
"resourceName": "projects/_/buckets/apr-8-test-bucket/objects/random.txt",
"serviceData": {
"@type": "type.googleapis.com/google.iam.v1.logging.AuditData",
"policyDelta": {}
},
"resourceLocation": {
"currentLocations": [
"asia-south1"
]
}
},
"insertId": "1maudg2ea0gyp",
"resource": {
"type": "gcs_bucket",
"labels": {
"bucket_name": "apr-8-test-bucket",
"location": "asia-south1",
"project_id": "dev-3-455613"
}
},
"timestamp": "2025-04-22T08:51:19.337801281Z",
"severity": "INFO",
"logName": "projects/dev-3-455613/logs/cloudaudit.googleapis.com%2Fdata_access",
"receiveTimestamp": "2025-04-22T08:51:19.489119524Z"
}