Description

We have found that the {GcpVpc} VPC does not have a DNS policy with Cloud Logging enabled. Cloud DNS logging records the queries that the name servers within your VPC receive and sends them to Stackdriver. Logged queries can come from Compute Engine VMs, GKE containers, or other GCP resources provisioned within the VPC. Monitoring Cloud DNS logs provides visibility into the DNS names requested by clients within the VPC. These logs can be monitored for anomalous domain names, evaluated against threat intelligence feeds, and so on.
  • Recommended Mitigation

    Configure a DNS policy for the VPC with Cloud Logging enabled
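The check and the remediation described above, as an added example that is not part of the original finding text: the script parses the output of `gcloud dns policies list --format=json` (a constructed sample is embedded so it runs offline; the project and network names in it are made up), reports which of the given VPCs have no DNS policy or a policy without `enableLogging`, and prints the matching `gcloud dns policies create --enable-logging` or `gcloud dns policies update --enable-logging` command for each. The function and variable names are the example's own.

```python
"""Find GCP VPCs that are not covered by a Cloud DNS policy with query logging enabled.

Input is the JSON emitted by:  gcloud dns policies list --format=json
Each policy carries "enableLogging" and a list of "networks" with a "networkUrl".
"""
import json

# Constructed sample output of `gcloud dns policies list --format=json`.
# Project and network names are invented for this example.
SAMPLE_POLICIES_JSON = json.dumps([
    {
        "name": "prod-dns-policy",
        "enableLogging": True,
        "enableInboundForwarding": False,
        "networks": [
            {"networkUrl": "https://www.googleapis.com/compute/v1/projects/example-proj/global/networks/prod-vpc"}
        ],
    },
    {
        "name": "dev-dns-policy",
        "enableLogging": False,  # policy exists, but logging is switched off
        "networks": [
            {"networkUrl": "https://www.googleapis.com/compute/v1/projects/example-proj/global/networks/dev-vpc"}
        ],
    },
])


def parse_policies(policies_json):
    """Parse the gcloud JSON output into a list of policy dicts."""
    return json.loads(policies_json)


def network_name(network_url):
    """Extract the short VPC name from a full compute network URL."""
    return network_url.rstrip("/").rsplit("/", 1)[-1]


def dns_logging_status(policies, vpc):
    """Return a dict describing whether `vpc` is attached to a DNS policy and whether it logs.

    A VPC network can be attached to at most one DNS server policy, so `policies`
    normally holds zero or one entry for a given VPC.
    """
    matching = [
        p for p in policies
        if any(network_name(n.get("networkUrl", "")) == vpc for n in p.get("networks", []))
    ]
    return {
        "vpc": vpc,
        "has_policy": bool(matching),
        "logging_enabled": any(p.get("enableLogging", False) for p in matching),
        "policies": [p["name"] for p in matching],
    }


def find_unlogged_vpcs(policies, vpcs):
    """Return the VPC names (in input order) that lack a DNS policy with logging enabled."""
    return [v for v in vpcs if not dns_logging_status(policies, v)["logging_enabled"]]


def remediation_command(status):
    """Build the gcloud command that brings a non-compliant VPC into compliance.

    - no policy at all  -> create one attached to the VPC with logging on
    - policy without logging -> update the existing policy to enable logging
    Returns None when the VPC is already compliant.
    """
    if status["logging_enabled"]:
        return None
    if status["has_policy"]:
        return f"gcloud dns policies update {status['policies'][0]} --enable-logging"
    name = f"{status['vpc']}-dns-policy"  # hypothetical policy name for the new policy
    return (f"gcloud dns policies create {name} --networks={status['vpc']} "
            f"--enable-logging --description='Cloud DNS query logging for {status['vpc']}'")


if __name__ == "__main__":
    policies = parse_policies(SAMPLE_POLICIES_JSON)
    # VPC names would normally come from `gcloud compute networks list`; constructed here.
    for vpc in ["prod-vpc", "dev-vpc", "legacy-vpc"]:
        status = dns_logging_status(policies, vpc)
        cmd = remediation_command(status)
        verdict = "OK" if cmd is None else "FINDING"
        print(f"{verdict:8} {vpc}: policy={status['policies'] or None} logging={status['logging_enabled']}")
        if cmd:
            print(f"         fix: {cmd}")
```

Once a policy with logging is in place, the query records land in Cloud Logging under the `dns_query` log type, where they can be routed to a sink for threat-intelligence matching or anomaly detection.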