Forwarding to Google PubSub

Google Pub/Sub allows services to communicate asynchronously and is used for streaming analytics and data integration pipelines to ingest and distribute data. It is equally effective as messaging-oriented middleware for service integration or as a queue to parallelize tasks. See Common Use Cases for more background details.


Event forwards originate from region-specific IPs. For the full list of outbound IPs by region, see SaaS Regions and IP Ranges. Update your firewall and allow inbound requests from these IP addresses to enable Sysdig to handle event forwarding.

NOTE: The permissions for the service account must be either Editor or Admin. Publisher is not sufficient.

Configure Standard Integration

  1. Log in to Sysdig Secure as Admin and go to Profile > Settings > Event Forwarding.

  2. Click +Add Integration and choose Google Pub/Sub from the drop-down menu.

  3. Configure the required options:

  • Integration Name: Define an integration name.

  • Project: Enter the Cloud Console project name you created in Google Pub/Sub.

  • Topic: Enter the Topic Name you created.

  • JSON Credentials: Enter the Service Account credentials you created.

  • Attributes: If you have chosen to embed custom attributes as metadata in Pub/Sub messages, enter them here.

  • Ordering Key: If you chose to have subscribers receive messages in order, enter the ordering key information you set up.

  • Data to Send: Select from the drop-down the types of Sysdig data that should be forwarded. The available list depends on the Sysdig features and products you have enabled.

  • Toggle the enable switch as necessary. Remember that you will need to “Test Integration” with the button below before enabling the integration.

  1. Click Save.

Configure Agent Local Forwarding

Review the configuration steps and use the following parameters for this integration.

TypeAttributeRequired?TypeAllowed valuesDefaultDescription
PUBSUBprojectyesstringproject hosting the target pub/sub
PUBSUBtopicyesstringpub/sub topic onto which publish the data
PUBSUBcredentialsJSONyesstringcredentials JSON file content used to authenticate as a service account in the project
PUBSUBattributesnosequence of mappingsExtra headers to add to the request. Each header mapping requires 2 keys: “key” for the header key and “value” for its value
PUBSUBorderingKeynostringThe key to use to order the messages. Required to enable ordered delivery