Setting Up Cloud Logging for Java (original) (raw)

You can write logs to Cloud Logging from Java applications by using the Logback appender or ajava.util.logging handler, or by using the Cloud Logging library for Java directly.

The Cloud Logging agent does not have to be installed to use the Cloud Logging library for Java.

Before you begin

1. Sign in to your Google Cloud account. If you're new to Google Cloud, create an account to evaluate how our products perform in real-world scenarios. New customers also get $300 in free credits to run, test, and deploy workloads.
2. In the Google Cloud console, on the project selector page, select or create a Google Cloud project.
   Go to project selector
3. Make sure that billing is enabled for your Google Cloud project.
4. Enable the Cloud Logging API.
   Enable the API
5. In the Google Cloud console, on the project selector page, select or create a Google Cloud project.
   Go to project selector
6. Make sure that billing is enabled for your Google Cloud project.
7. Enable the Cloud Logging API.
   Enable the API

Logback appender for Cloud Logging

Using the Logback appender, you can use Cloud Logging with the SLF4J logging facade.

Installing the dependency

If you are using Maven, add the following to your pom.xml file. For more information about BOMs, see The Google Cloud Platform Libraries BOM.

If you are using Gradle, add the following to your dependencies:

If you are using sbt, add the following to your dependencies:

Logback configuration

Logback can be configuredprogrammatically or using a script expressed in XML or Groovy.

You can customize the minimum severity threshold, log name, or provide additional enhancers. This is a sample Logback configuration in XML format:

Example

Once you have configured Logback to use the Cloud Logging Logback appender, you can now redirect logs using the SLF4J logging API. Provide Google Cloud configuration if you plan to run the example locally or outside of Google Cloud. This snippet shows how to log using SLF4J facade within your application:

The java.util.logging handler

You can also use the Cloud Logging API using a default Java Logging API handler.

Installing the dependency

If you are using Maven with a BOM, add the following to your pom.xml file:

If you are using Mavenwithout a BOM, add this to your dependencies:

If you are using Gradle, add the following to your dependencies:

If you are using sbt, add the following to your dependencies:

If you're using Visual Studio Code, IntelliJ, or Eclipse, you can add client libraries to your project using the following IDE plugins:

• Cloud Code for VS Code
• Cloud Code for IntelliJ
• Cloud Tools for Eclipse

The plugins provide additional functionality, such as key management for service accounts. Refer to each plugin's documentation for details.

java.util.logging configuration

Logging handlers can be added programmatically or by using a configuration file. The path to the configuration file must be provided to your application as a system property:-Djava.util.logging.config.file=/path/to/logging.properties

Here is an example of a configuration file:

Example

Provide Google Cloud configuration if you plan to run the example locally or outside of Google Cloud. This snippet shows you how to log using java.util.logging:

Common Configuration

The following sections cover configuration that is common to thejava.util.logging handler and the Logback appender for Cloud Logging.

Defaults

The Logback appender and java.util.logging handler use the following defaults to instantiate a Cloud Logging client:

• Log name : java.log
• Minimum threshold to log : INFO
• Flush severity : ERROR

The Cloud Logging library for Java batches messages by size and time since last write. Batches with logging requests at or above the flush severity are immediately written out.

Monitored resource detection

All logs sent via the Cloud Logging libraries require a monitored resource typeto identify your application.

The Logback appender and the java.util.logging handler provide automatic resource type detection of your App Engine, Compute Engine, and Google Kubernetes Engine applications.

A global monitored resource is used as the default in other environments.

You can override the monitored resource type to a valid type in the Logback appender Configurationor the java.util.logging Handler Configuration.

Additional fields and labels

Using the Logback appender and the java.util.logging handler, you can add or update fields on a LogEntry object using an instance of LoggingEnhancer.

The enhancers must be configured as shown in theLogback appender configuration or thejava.util.logging handler configuration:

Use of custom labels might not be supported for your configuration. For example, Dataflow logs don't include these labels.

For more information on installation, see thedocumentation for the Cloud Logging library for Java. You can also report issues using theissue tracker.

Write logs with the Cloud Logging client library

For information on using the Cloud Logging client library for Java directly, see Cloud Logging Client Libraries.

Run on Google Cloud

For an application to write logs by using the Cloud Logging library for Java, the service account for the underlying resource must have theLogs Writer (roles/logging.logWriter) IAM role. Most Google Cloud environments automatically configure the default service account to have this role.

App Engine

Cloud Logging is automatically enabled for App Engine, and your app'sdefault service account has the IAM permissions by default to write log entries.

App Engine standard environment, bydefault, uses thejava.util.logging.LoggerAPI; this writes to Cloud Logging directly and is easy to configure.

For further details, see App Engine documentation onReading and Writing Application Logs.

App Engine flexible environment

On App Engine flexible environment,java.util.logging uses the ConsoleHandlerby default, and sends logs to stdout and stderr.

The Jetty Runtime is bundled with the Cloud Logging library for Java.

The java.util.logging handler can be used to log directly to Cloud Logging by providing the logging.properties in your app.yamlas shown here:

    env_variables:
      JETTY_ARGS: -Djava.util.logging.config.file=WEB-INF/logging.properties

Trace ID logging is available on Jetty runtimes if you are using the java.util.logging handler or the Logback appender.

When running on App Engine flexible environment, aTraceLoggingEnhancer instance adds a thread-safe trace ID to every log entry using the label trace_id.

Google Kubernetes Engine (GKE)

GKE automatically grants the default service account the Logs Writer (roles/logging.logWriter) IAM role. If you useWorkload Identity Federation for GKEwith this default service account to let workloads access specific Google Cloud APIs, then no additional configuration is required. However, if you use Workload Identity Federation for GKE with a custom IAM service account, then ensure that the custom service account has the role of Logs Writer (roles/logging.logWriter).

If needed, you can also use the following command to add the logging.writeaccess scope when creating the cluster:

gcloud container clusters create example-cluster-name \
    --scopes https://www.googleapis.com/auth/logging.write

Compute Engine

When using Compute Engine VM instances, add the cloud-platformaccess scope to each instance. When creating a new instance through the Google Cloud console, you can do this in the Identity and API access section of the Create Instance panel. Use the Compute Engine default service account or another service account of your choice, and selectAllow full access to all Cloud APIs in the Identity and API accesssection. Whichever service account you select, ensure that it has been granted theLogs Writer role in the IAM & Admin section of the Google Cloud console.

Run locally and elsewhere

To use the Cloud Logging library for Java outside of Google Cloud, including running the library on your own workstation, on your data center's computers, or on the VM instances of another cloud provider, you must set up Application Default Credentials (ADC) in your local environment to authenticate to the Cloud Logging library for Java.

For more information, seeSet up ADC for on-premises or another cloud provider.

View the logs

In the Google Cloud console, go to the Logs Explorer page:

Go to Logs Explorer

If you use the search bar to find this page, then select the result whose subheading isLogging.

In the Logs Explorer, you must specify one or more resources, but the resource selection might not be obvious. Here are some tips to help you get started:

• If you are deploying your application to App Engine or using the App Engine-specific libraries, set your resource toGAE Application.
• If you are deploying your application on Compute Engine, set the resource to GCE VM Instance.
• If you are deploying your application on Google Kubernetes Engine, your cluster's logging configuration determines the resource type of the log entries. For a detailed discussion on the Legacy Google Cloud Observability and the Google Cloud Observability Kubernetes Monitoring solutions, and how those options affect the resource type, seeMigrating to Google Cloud Observability Kubernetes Monitoring.
• If your application is using the Cloud Logging API directly, the resource is dependent on the API and your configuration. For example, in your application, you can specify a resource or use a default resource.
• If you don't see any logs in the Logs Explorer, to see all log entries, switch to the advanced query mode and use an empty query.
  1. To switch to the advanced query mode, click menu (▾) at the top of the Logs Explorer and then select Convert to advanced filter.
  2. Clear the content that appears in the filter box.
  3. Click Submit Filter.
     You can examine the individual entries to identify your resources.

For additional information, see Using the Logs Explorer.