Gemini Cloud Assist investigations are a root-cause analysis (RCA) tool for troubleshooting your infrastructure and applications in complex and distributed cloud environments. Investigations can help you understand, diagnose, and resolve issues in Google Cloud. With investigations, you can streamline incident response by reducing the time to resolution and improving your overall availability, all with less effort.
Benefits of Gemini Cloud Assist investigations
Troubleshoot issues in-context.
Gemini Cloud Assist investigations are integrated into your current workflows.
See what Gemini Cloud Assist sees.
An investigation produces Observations, which are insights about your environment's state that are most relevant to the issue. Observations help you to quickly understand what is happening in your environment and are based on Gemini Cloud Assist's review of data sources such as logs, configurations, and metrics. Analysis across data sources might come from procedural runbooks, broad signal analysis, or tools. Observations are then ranked and filtered to help you focus on the information that is most relevant to your issue. Included in the observations are links to the source data that informs each observation, which lets you further investigate and fact check the observations.
Diagnose issues.
Investigations synthesizes the observations and uses domain-specific knowledge to identify probable root causes. Public and private knowledge is used to explain the context around the root cause, making it easier to understand. When there is uncertainty, multiple root causes can be provided as hypotheses. You can iterate on the investigation and create new revisions to drill deeper into certain areas.
Resolve issues.
Investigations recommends the next troubleshooting steps or fixes to help you resolve the issue. References to specific resources or time periods gives you relevant information that would have taken longer to gather on your own, enabling you to get to a resolution faster, with less effort.
Get additional support.
If you need additional support, your investigation can be seamlessly transferred into a Google Cloud support case. The details of your investigation can be used by a support engineer so that they have the context from your troubleshooting, helping you resolve cases faster, with less back and forth.
Supported Google Cloud products
Supported products are those that investigations support troubleshooting for. Gemini Cloud Assist investigations support the following Google Cloud products:
- App Hub
- Cloud SQL
- Cloud Storage
- Compute Engine
- Google Kubernetes Engine
- Cloud Networking
- Cloud Run
- Dataproc on Compute Engine
- Google Cloud Serverless for Apache Spark
- Pub/Sub
- BigQuery
- Bigtable
- Cloud Composer
- Dataflow
- Spanner
- Memorystore for Redis
- Identity and Access Management
- Cloud Quotas
Not all resources within supported products are, themselves, supported. Some tools, such as the Google Cloud console, prevent you from adding an unsupported resource to an investigation or seeing an investigation button associated with an unsupported resource; however, other tools, such as direct REST API requests, can run an investigation even if it includes unsupported or misspelled resources. A good practice when reviewing the results of your investigation is to confirm that any resources you specify in your initial investigation are mentioned in the output observations. If a resource isn't mentioned in the output but seems like it should be, it's likely the resource is either unsupported or misspelled.
Entry points
You can initiate an investigation in the following places in the Google Cloud console:
-
Click Create to initiative an investigation.
The Logs Explorer
The Investigate button appears on logs for supported resources when the log has a severity level of "Warning" or higher. When initiating an investigation in the Logs Explorer, the log message, start time, and any relevant resources from the log are automatically pre-populate into the investigation creation panel. You can optionally edit or add information before running the investigation.
-
The Investigate button appears for alerts that have a resource label. When initiating an investigation for an alert, a title, issue description, start time, and relevant resources for the alert are automatically pre-populated into the investigation creation panel. You can optionally edit or add information before running the investigation.
The Gemini Cloud Assist chat panel
The New investigation option appears in the chat panel's New drop-down menu.
-
The Create investigation button appears in the Health & troubleshooting page. You can view and initiate investigations scoped to either a project or application.
Within specific product pages.
You can initiate investigations from within supported product pages, such as workloads in Google Kubernetes Engine that have alerts or Dataproc batches that fail.
The following options are also available for initiating and viewing investigations:
-
Investigations are initiated by going to the Observability tab and selecting Investigations.
Direct API requests
Considerations
Each investigation uses an OAuth 2.0 token as part of its normal operation. The investigation creates a token from an existing grant and, if necessary, requests a new grant that has a scope of
API_CLOUD_PLATFORM.The access provided by the OAuth 2.0 token is limited to the access available to the user who initiates the investigation.
The OAuth 2.0 token is never used for mutating data.
A Gemini Cloud Assist investigation creates an investigation resource, which includes within it annotations and observations. This information can be stored in any Google Cloud data center. You shouldn't perform investigations on data subject to residency or jurisdictional regulatory compliances. For the support status of other security features, see Certifications and security for Gemini.
Gemini Cloud Assist investigations analyze global Google Cloud resources as part of an investigation, such as logs.
Investigations don't analyze location-specific content, such as data stored in regional log buckets.
Investigations don't analyze data residing outside of Google Cloud.
The user who creates an investigation is automatically granted the Investigation Owner (
roles/geminicloudassist.investigationOwner) IAM role for that specific investigation.Investigations are designed for targeted troubleshooting within Google Cloud environments. An investigation is limited to diagnosing issues within a single Google Cloud project or single App Hub application.
For a project-level investigation, the results of the investigation are stored within the project that created the investigation.
For an application-level investigation, the investigation is created within the App Hub management project of an app-enabled folder, and the results are stored within the application's administrative boundary. The investigation analyzes resources within the selected application, even if they're spread across different projects.
Investigations are not available for applications created in a host project.
Investigations are subject to the general limitations of AI technology.
Investigation runs are dynamic, which means re-running the same investigation can produce results with small differences. Some of the factors that contribute to differences between runs include the probabilistic nature of output from large-language models such as Gemini and the fact that the overall state of Google Cloud is not static.
Timestamps are a key piece of information in effective investigations. For the best results, verify that the start time reported in the investigation is reasonably accurate.
Feedback
User feedback is an important mechanism for improving the quality and performance of investigations. You can provide feedback in the following ways:
Configure prompt and response sharing for Gemini Cloud Assist in your project. By default, Google Cloud does not examine either the inputs or outputs associated with your investigations.
Provide feedback on investigations by clicking on the Thumbs Up or Thumbs Down icons in any investigation. This records whether you found that specific investigation to be helpful. This feedback mechanism only records the specific feedback that you provide; it does not record any inputs or generated outputs of the investigation.