Understanding Findings
A Finding represents an issue, optimization opportunity, or security gap detected during a SmartSRE scan.
Finding Structure
Each finding contains:
| Field | Description |
|---|---|
id | Unique identifier for tracking |
service | GCP service (e.g., cloudrun, bigquery) |
resource_id | Full resource path |
issue_type | Category of the issue |
severity | Impact level (Critical → Info) |
details | Issue-specific metadata |
timestamp | When the issue was detected |
Severity Levels
Critical
Immediate action required. Security breach, service outage, or data exposure risk.
Examples:
- Public Cloud Storage bucket with sensitive data
- Expired SSL certificate
- Leaked service account key
High
Significant impact. Performance degradation, cost overrun, or availability risk.
Examples:
- Memory OOM crashes on Cloud Run
- Runaway BigQuery query costs
- GKE node pool at capacity
Medium
Should address soon. Suboptimal configuration affecting cost or performance.
Examples:
- Over-provisioned Cloud Run memory (using 10% of allocated)
- Missing table partitioning on large BigQuery tables
- GCS bucket without lifecycle policy
Low
Nice to fix. Minor optimization with limited impact.
Examples:
- Unused but inexpensive resources
- Suboptimal but stable configuration
- Minor cost savings opportunities
Info
Informational only. No action required.
Examples:
- Successful configuration confirmations
- Compliance status reports
- Resource inventory summaries
Issue Types by Service
Cloud Run
| Issue Type | Severity | Description |
|---|---|---|
high_memory_usage | High | Memory utilization > 90% |
low_memory_usage | Medium | Memory utilization < 20% |
high_cpu_usage | High | CPU utilization > 85% |
cold_start_risk | Medium | Min instances = 0 with high traffic |
high_error_rate | High | Error rate > 5% |
high_request_latency | Medium | P95 latency > 2 seconds |
BigQuery
| Issue Type | Severity | Description |
|---|---|---|
expensive_query | High | Query cost > threshold |
unpartitioned_table | Medium | Large table without partitioning |
no_clustering | Low | Table could benefit from clustering |
expired_table | Medium | Table not queried in 90+ days |
slot_overutilization | High | Slot usage > 95% |
Cloud Storage
| Issue Type | Severity | Description |
|---|---|---|
public_bucket | Critical | Bucket accessible to allUsers |
no_lifecycle_policy | Medium | No automatic object cleanup |
uniform_bucket_access | Low | Could enable uniform bucket-level access |
cold_bucket | Low | No access in 180+ days |
Cloud SQL
| Issue Type | Severity | Description |
|---|---|---|
high_connection_count | High | Connection pool exhausted |
no_ha | Medium | Single-zone instance without HA |
disk_usage_high | High | Storage > 85% utilized |
no_ssl | Critical | Unencrypted connections allowed |
Filtering Findings
By Severity
Use the severity filter dropdown to focus on critical issues first.
By Service
Filter to a specific GCP service to see only relevant findings.
By Resource
Search by resource name or ID to find issues affecting specific resources.
Finding Actions
Fix
Apply the recommended remediation. Opens the ChangeSet viewer showing:
- Proposed operations
- Cost/impact estimates
- Required approvals
Ignore
Mark the finding as acknowledged but not actionable. Useful for:
- Accepted risks
- Known configuration choices
- False positives
View Details
Expand the finding to see:
- Full resource configuration
- Historical trend (if available)
- Related findings on the same resource
Bulk Operations
Fix All
Select multiple findings and apply all recommended fixes at once.
Bulk fixes are subject to the same risk guardrails as individual fixes. High-impact changes will require approval.
Export
Export findings to CSV or JSON for reporting or external analysis.
Next Steps
- Applying Fixes — Execute remediation actions
- Risk Guardrails — Understand when fixes require approval
- Service Guides — Deep dive into service-specific findings