Capsule8 Docs
Capsule8 Docs
Help

Getting Alerts via Google Cloud Storage

The blobstorage output type sends alerts to individual files in a Google Cloud Storage bucket. The sensor can optionally create the target bucket or buckets so long as it has sufficient permisisons.

Access to a Google Cloud Storage bucket can be granted by setting the GOOGLE_APPLICATION_CREDENTIALS environment variable.

This output type is commonly used for easy archiving of Alerts in a durable store. It can also be used as the trigger for an ETL process in cloud environments where blob storage write events trigger a cloud function that processes the incoming Alert. At this point Alerts can be enriched, transformed, and shipped out to other systems as needed.

Configuration:

Key Required Description
type yes The output type.
enabled yes Enables/disables the output.
provider yes The cloud provider name.
bucket_name yes The name of the bucket to write to.
create_bucket no Enables/disables bucket creation.

Google Cloud has no additional configuration.

Example sending Alerts to Google Cloud:

# Write the Alert to GCP Storage authed through GOOGLE_APPLICATION_CREDENTIALS
- type: blobstorage
  enabled: true
  bucket_name: capsule8_alerts
  provider: gcp