Google Cloud Observability

Google Cloud Observability helps you to understand the behavior, health, and performance of your applications running in GCI.

Kentik ingests three core telemetry types from Google Cloud: VPC flow logs (delivered via Cloud Pub/Sub), GCP metadata via API (projects, VPCs, subnets, regions, zones, firewall rules, routes, Cloud Interconnect attachments, and other infrastructure context), and Google Cloud Monitoring metrics for performance monitoring of GCP network services. Together, these provide complete visibility into traffic patterns, topology, and performance across Google Cloud environments. For Google Kubernetes Engine (GKE), Kentik also supports the eBPF-based Kentik Kappa agent for pod-level Kubernetes traffic visibility, and supports GKE’s extended flow logs for additional pod-aware metadata. Cloud Run logs collection is also supported for serverless workload visibility.

Kentik is delivered as SaaS, so there’s no on-premises infrastructure to deploy. GCP setup involves three steps: enable VPC flow logs in your GCP projects and configure them to publish to a Cloud Pub/Sub topic, create a pull subscription on that topic and grant the Kentik service account (kentik-vpc-flow@kentik-vpc-flow.iam.gserviceaccount.com) the Pub/Sub Subscriber and Viewer roles (plus Compute Viewer for metadata access), and configure a “cloud export” in the Kentik portal with your project and subscription details. Setup can be automated with the Kentik Terraform module for GCP. Kentik is also available on the Google Cloud Marketplace for procurement and billing through your existing Google Cloud account.

Kentik provides unified visibility across Google Cloud’s hybrid connectivity services by combining VPC flow logs, GCP metadata, and Google Cloud Monitoring metrics from Dedicated Interconnect, Partner Interconnect, and Cloud VPN. For Dedicated Interconnect and Partner Interconnect, Kentik shows utilization, performance, and traffic distribution across each connection, making it possible to monitor connectivity between on-premises data centers and Google Cloud regions. For Cloud VPN tunnels and Network Connectivity Center hubs, traffic flows can be traced end-to-end alongside on-premises NetFlow data — giving teams the visibility to troubleshoot hybrid connectivity issues without switching between GCP-native and on-premises tools.

Inter-region and inter-zone monitoring requires correlating VPC flow logs with GCP metadata (which regions and zones each resource belongs to) and synthetic tests between locations. Kentik supports this by automatically tagging flow records with region and zone information from GCP APIs, surfacing inter-region and inter-zone traffic patterns in the Kentik Map, and running synthetic tests from agents deployed in different GCP regions to measure latency, loss, and reachability between them. This makes it possible to detect performance regressions on specific paths, identify suboptimal routing decisions, and attribute the cost of cross-region or cross-zone data transfer to specific applications or business units.

Google Cloud data transfer charges accumulate from inter-region traffic, cross-zone communication, Cloud Interconnect egress, internet egress, and traffic between Google Cloud services — and most teams have limited visibility into which applications and workloads are driving the cost. Kentik analyzes VPC flow logs to surface the highest-cost flows, attribute traffic to specific projects, VPCs, services, or business units, and identify suboptimal routing decisions (for example, traffic crossing regions unnecessarily, or egressing through Premium Tier when Standard Tier would suffice, or traveling over the public internet when a private path is available). Teams use this data to optimize architecture, negotiate Google Cloud pricing with evidence, and reduce monthly data transfer spend.

For GKE, Kentik provides pod-level network visibility through the Kentik Kappa agent, an eBPF-based agent that captures container traffic without sidecar deployment overhead. Kappa surfaces pod-to-pod and pod-to-service traffic, including key performance indicators like retransmit rate and out-of-order packet rate, and correlates that traffic with the underlying VPC and GCP infrastructure context. Kentik also supports GKE’s extended flow logs format, which adds pod-aware metadata directly into VPC flow log records. The combination makes it possible to investigate microservice performance issues at both the Kubernetes layer and the GCP network layer in a single platform — useful when GKE performance problems turn out to have causes in VPC routing, firewall rules, or Google Cloud network paths.

Effective correlation requires both data sources to live in environments that share time-aligned context — typically by integrating an APM platform (Datadog, New Relic, Dynatrace) that captures application metrics with a network intelligence platform that captures cloud network telemetry, BGP routing, and synthetic measurements. Kentik supports this by ingesting GCP flow logs, GCP metadata, and synthetic test data, then exposing the results through APIs and integrations that connect with major APM platforms — letting application teams trace performance issues from service symptoms back to Google Cloud network root causes.

Google Cloud Monitoring and GCP native monitoring (Network Intelligence Center, VPC Flow Logs in Cloud Logging, Network Connectivity Center) are essential for GCP-specific operational visibility, but they’re scoped to Google Cloud itself. Kentik complements GCP native tooling by providing cross-environment analytics — correlating GCP traffic with on-premises NetFlow, multi-cloud telemetry from AWS and Azure, BGP routing, and internet path data — and by adding capabilities GCP native tools don’t provide, including ingest-time enrichment with BGP and AS path metadata, flow-level forensics across hybrid environments, cloud egress cost analytics with attribution by project and business unit, and AI-driven investigation through Kentik AI Advisor. Most teams use both: GCP native tools for GCP-specific operations and Kentik for the cross-environment network intelligence that GCP native tools weren’t designed to deliver.