Google Firestore Integration
Document read/write rates, index utilization, and real-time listener counts for Firestore. Detect costly collection scans, monitor listener storms, and track document operation costs.
How It Works
Create a GCP Service Account
Create a service account with the Monitoring Viewer and Cloud Datastore Viewer roles. TigerOps uses these roles to collect Firestore metrics through the Cloud Monitoring API.
Enable Cloud Monitoring API
Enable the Cloud Monitoring API and Cloud Firestore API in your GCP project. TigerOps will pull document operation counts, index query rates, and listener connection metrics.
Configure TigerOps Firestore
Enter your project credentials in TigerOps and select the Firestore databases to monitor. TigerOps auto-discovers all Firestore databases in native and Datastore mode.
Set Cost and Performance Alerts
Configure read/write rate thresholds, active listener count limits, and estimated cost alerts. TigerOps monitors document operation costs and fires alerts before monthly budgets are exceeded.
What You Get Out of the Box
Document Read/Write Rate Tracking
Monitor reads, writes, and deletes per second per Firestore database. TigerOps detects operation rate spikes and correlates them with application deployments, traffic surges, and client SDK changes.
Index Query Performance
Track index usage rates, composite index hit counts, and document scan ratios. TigerOps identifies queries performing full collection scans and recommends index additions to reduce read costs.
Real-Time Listener Monitoring
Monitor active snapshot listener counts and listener connection rates. TigerOps alerts when listener counts approach limits and identifies connection storms from misbehaving client applications.
Storage & Document Count
Track total storage bytes, document counts, and storage growth rates per database. TigerOps projects storage cost trajectories and alerts when growth exceeds expected patterns.
Cost Anomaly Detection
TigerOps models your Firestore operation costs and alerts when daily read or write costs deviate from the baseline. Correlate cost spikes with specific collections, service accounts, or feature releases.
Security Rule Evaluation
Monitor Firestore security rule evaluation counts and denied request rates. TigerOps alerts on elevated security rule denial rates that may indicate unauthorized access attempts or misconfigured rules.
Firestore Integration Setup
Configure TigerOps to monitor your Firestore databases with GCP service account credentials.
# TigerOps Google Firestore Integration
# Required IAM roles:
# roles/monitoring.viewer
# roles/datastore.viewer
integrations:
gcp_firestore:
project_id: "your-gcp-project-id"
credentials_file: "./tigerops-sa-key.json"
# Database IDs to monitor (empty = all databases)
databases:
- "(default)"
- "analytics-db"
scrape_interval: 60s
metrics:
- firestore.googleapis.com/document/read_count
- firestore.googleapis.com/document/write_count
- firestore.googleapis.com/document/delete_count
- firestore.googleapis.com/network/snapshot_listeners
- firestore.googleapis.com/network/active_connections
- firestore.googleapis.com/rules/denied_request_count
alerts:
read_rate_per_second: 10000
write_rate_per_second: 5000
listener_count_max: 50000
security_denial_rate_per_minute: 100
daily_read_cost_usd: 50
daily_write_cost_usd: 25Common Questions
Does TigerOps support Firestore in both Native mode and Datastore mode?
Yes. TigerOps monitors Firestore in both Native mode and Datastore mode via the Cloud Monitoring API. The metrics namespace differs (firestore.googleapis.com vs datastore.googleapis.com), and TigerOps handles both automatically.
Can TigerOps help identify expensive Firestore queries that cause high read costs?
Yes. TigerOps monitors document read rates and correlates high-read-count operations with collection scan patterns (queries without matching indexes). When collection scan rates are high, TigerOps flags the issue and recommends adding composite indexes.
How does TigerOps count real-time listener connections?
TigerOps uses the firestore.googleapis.com/document/snapshot_listeners metric to track active listener counts. This includes both Mobile SDK listeners and server-side listeners from Cloud Functions triggers and backend services.
Can TigerOps alert on Firestore security rule denials?
Yes. TigerOps monitors the rules/denied_request_count metric and fires alerts when denial rates exceed a configurable threshold. Elevated denial rates can indicate unauthorized access attempts, client-side permission bugs, or security rule misconfiguration.
Does TigerOps monitor Firestore across multiple GCP projects?
Yes. You can add service accounts for multiple GCP projects to TigerOps. Firestore metrics from all projects are aggregated in a unified dashboard with project-level filtering. This is useful for organizations with separate dev, staging, and production GCP projects.
Control Your Firestore Costs Before They Spiral
Read/write cost monitoring, collection scan detection, and listener storm alerts for Firestore. Connect in minutes.