Capsule8 Docs
Capsule8 Docs

Getting Alerts via Google Cloud Storage

The blobstorage output type sends alerts to individual files in a Google Cloud Storage bucket. The sensor can optionally create the target bucket or buckets so long as it has sufficient permisisons.

Access to a Google Cloud Storage bucket can be granted by setting the GOOGLE_APPLICATION_CREDENTIALS environment variable.

This output type is commonly used for easy archiving of Alerts in a durable store. It can also be used as the trigger for an ETL process in cloud environments where blob storage write events trigger a cloud function that processes the incoming Alert. At this point Alerts can be enriched, transformed, and shipped out to other systems as needed.


Key Required Description
type yes The output type.
enabled yes Enables/disables the output.
provider yes The cloud provider name.
bucket_name yes The name of the bucket to write to.
create_bucket no Enables/disables bucket creation.

Google Cloud has no additional configuration.

Example sending Alerts to Google Cloud:

  # Write the Alert to GCP Storage authed through GOOGLE_APPLICATION_CREDENTIALS
  - type: blobstorage
    enabled: true
    bucket_name: capsule8_alerts
    provider: gcp