GCP - Monitoring Enum

Reading time: 3 minutes

Basic Information

Google Cloud Monitoring offers a suite of tools to monitor, troubleshoot, and improve the performance of your cloud resources. From a security perspective, Cloud Monitoring provides several features that are crucial for maintaining the security and compliance of your cloud environment:

Policies

Policies define conditions under which alerts are triggered and how notifications are sent. They allow you to monitor specific metrics or logs, set thresholds, and determine where and how to send alerts (like email or SMS).

Dashboards

Monitoring Dashboards in GCP are customizable interfaces for visualizing the performance and status of cloud resources. They offer real-time insights through charts and graphs, aiding in efficient system management and issue resolution.

Channels

Different channels can be configured to send alerts through various methods, including email, SMS, Slack, and more.

Moreover, when an alerting policy is created in Cloud Monitoring, it's possible to specify one or more notification channels.

Snoozers

A snoozer will prevent the indicated alert policies to generate alerts or send notifications during the indicated snoozing period. Additionally, when a snooze is applied to a metric-based alerting policy, Monitoring proceeds to resolve any open incidents that are linked to that specific policy.

Enumeration

# Get policies
gcloud alpha monitoring policies list
gcloud alpha monitoring policies describe <policy>

# Get dashboards
gcloud monitoring dashboards list
gcloud monitoring dashboards describe <dashboard>

# Get snoozers
gcloud monitoring snoozes list
gcloud monitoring snoozes describe <snoozer>

# Get Channels
gcloud alpha monitoring channels list
gcloud alpha monitoring channels describe <channel>

Post Exploitation

GCP - Monitoring Post Exploitation

References

• https://cloud.google.com/monitoring/alerts/manage-snooze#gcloud-cli