You have an application deployed on Google Kubernetes Engine (GKE). The application logs are captured by Stackdriver Logging. You need to remove sensitive data before it reaches the Stackdriver Logging API. What should you do?
A. Write the log information to the container file system. Execute a second process inside the container that will filter the sensitive information before writing to Standard Output.
B. Customize the GKE clusters’ Fluentd configuration with a filter rule. Update the Fluentd Config Map and Daemon Set in the GKE cluster.
C. Configure a filter in the Stackdriver Logging UI to exclude the logs with sensitive data.
D. Configure BigQuery as a sink for the logs from Stackdriver Logging, and then create a Data Loss Prevention job.
Disclaimer
This is a practice question. There is no guarantee of coming this question in the certification exam.
Answer
B
Explanation
A. Write the log information to the container file system. Execute a second process inside the container that will filter the sensitive information before writing to Standard Output.
(GKE automatically integrates and enables monitoring and logging. We can also disable application logging.)
B. Customize the GKE clusters’ Fluentd configuration with a filter rule. Update the Fluentd Config Map and Daemon Set in the GKE cluster.
C. Configure a filter in the Stackdriver Logging UI to exclude the logs with sensitive data.
(The requirement is to remove data before it reaches Stackdriver. Filtering the data in the Operations UI is too late.)
D. Configure BigQuery as a sink for the logs from Stackdriver Logging, and then create a Data Loss Prevention job.
(Again, too late because the data is already in Stackdriver/Operations.)