Google Cloud Professional Cloud DevOps Engineer — Question 75

You are running an application on Compute Engine and collecting logs through Stackdriver. You discover that some personally identifiable information (PII) is leaking into certain log entry fields. You want to prevent these fields from being written in new log entries as quickly as possible. What should you do?

Answer options

• A. Use the filter-record-transformer Fluentd filter plugin to remove the fields from the log entries in flight.
• B. Use the fluent-plugin-record-reformer Fluentd output plugin to remove the fields from the log entries in flight.
• C. Wait for the application developers to patch the application, and then verify that the log entries are no longer exposing PII.
• D. Stage log entries to Cloud Storage, and then trigger a Cloud Function to remove the fields and write the entries to Stackdriver via the Stackdriver Logging API.

Correct answer: A

Explanation

The correct answer is A because using the filter-record-transformer Fluentd filter plugin allows for real-time removal of sensitive fields from log entries before they are stored. Option B is incorrect as the fluent-plugin-record-reformer is an output plugin and does not modify logs in transit. Options C and D are not proactive solutions, as they involve waiting for developer intervention or additional processing steps that delay the resolution.