I want to analyse GCP logs in real time and make alerts from it. Because analysis depends on some aggregations and correlations (example: event A happend less then 10 min from the event B so there should be an alert), the Cloud Logging – Logs Analytics seems as the perfect solution for that. I would like to run scheduled Cloud Function (let say every 5 min) that runs SQL queries on Log bucket and if there is a match it will send an alert.