Backup for GKE is a service for backing up and restoring workloads in GKE clusters. For more details, refer to the GCP documentation.
You can collect the logs for Sumo Logic's Google Cloud Backup for GKE integration by following the below steps.
Configure logs collection
Collect Audit Logs using the Google Cloud Platform source. These Audit Logs can be accessed based on the permissions and roles. To enable logging for Google Backup for GKE, refer to Google documentation. For more detail on Backup for GKE operations being audited, refer to audited operations. While creating the sync in GCP, as part of the Choose logs to include in sink section, you can use the following query:
(resource.type=audited_resource AND resource.labels.service=gkebackup.googleapis.com)
Collect Platform Logs using the Google Cloud Platform source. Here are the details of platforms logs for Backup for GKE. While creating the sync in GCP, as part of the Choose logs to include in sink section, you can use the following query:
(resource.type=(gkebackup.googleapis.com/BackupPlan OR gkebackup.googleapis.com/RestorePlan))