Google Cloud Functions lets you deploy code without having to provision or maintain physical servers. Many organizations have adopted this approach to deploy critical applications on the cloud because of the dynamic scaling and reduced infrastructure costs.
Like all critical applications, it is essential to monitor the events in Google Cloud Functions to keep track of the changes made to cloud deployments. In an environment where multiple users are involved, figuring out who accessed or modified the resources on Cloud Functions could be difficult, especially if you are investigating an incident.
Log360, ManageEngine's SIEM solution, aggregates logs from Google Cloud Functions and presents the data in the form of actionable reports and graphs. It has a specialized range of reports for Google Cloud Platform, including reports for Cloud Functions.
Information such as time, method, service, resource, and caller IP will be parsed from the logs and presented in a report titled Recent Changes in Cloud Functions. These details and user activity data such as login and access can help keep track of the changes made to the resources on the cloud.
With Log360's machine learning algorithms, you can monitor Google Cloud Functions for events that deviate from established patterns. For instance, a user who normally does not log in after business hours has logged in. He or she then proceeds to modify some applications deployed on Cloud Functions. This incident will be logged as an anomaly, and a risk score will be assigned even if a security incident does not take place.
A high risk score indicates that the events that lead to this incident are worth investigating. This approach to security based on assessing risk can help security administrators eliminate security loopholes in their architecture.