This document describes audit logging for On-Demand Scanning API. Google Cloud services write audit logs that record administrative activities and accesses within your Google Cloud resources. For an overview of audit logs with information about the different types of audit logs, see Cloud Audit Logs overview.
This page was last generated on 2024-05-10 14:23:06 UTC.
Service name
On-Demand Scanning API audit logs use the service name ondemandscanning.googleapis.com.
Methods by permission type
Methods that check DATA_READ, DATA_WRITE, and ADMIN_READ
permission types are Data Access audit logs.
Methods that check ADMIN_WRITE permission types are Admin Activity audit logs.
| Permission type | Methods |
|---|---|
| DATA_READ | google.cloud.ondemandscanning.v1.ScannerService.ListVulnerabilities google.cloud.ondemandscanning.v1beta1.ScannerService.ListVulnerabilities |
| DATA_WRITE | google.cloud.ondemandscanning.v1.ScannerService.AnalyzePackages google.cloud.ondemandscanning.v1beta1.ScannerService.AnalyzePackages |
Audit logs per API interface
For information about which permissions are evaluated and how for each method, see the Identity and Access Management documentation for On-Demand Scanning API.
google.cloud.ondemandscanning.v1.ScannerService
Details about audit logs associated with methods belonging to google.cloud.ondemandscanning.v1.ScannerService.
google.cloud.ondemandscanning.v1.ScannerService.AnalyzePackages
- Method: google.cloud.ondemandscanning.v1.ScannerService.AnalyzePackages
- Audit log Type: Data Access
- Permissions:
ondemandscanning.scans.analyzePackages - DATA_WRITE
- Method is a Long Running Operation or Streaming:
Long Running Operation
- Filter for this method:
protoPayload.methodName="google.cloud.ondemandscanning.v1.ScannerService.AnalyzePackages"
google.cloud.ondemandscanning.v1.ScannerService.ListVulnerabilities
- Method: google.cloud.ondemandscanning.v1.ScannerService.ListVulnerabilities
- Audit log Type: Data Access
- Permissions:
ondemandscanning.scans.listVulnerabilities - DATA_READ
- Method is a Long Running Operation or Streaming: No.
- Filter for this method:
protoPayload.methodName="google.cloud.ondemandscanning.v1.ScannerService.ListVulnerabilities"
google.cloud.ondemandscanning.v1beta1.ScannerService
Details about audit logs associated with methods belonging to google.cloud.ondemandscanning.v1beta1.ScannerService.
google.cloud.ondemandscanning.v1beta1.ScannerService.AnalyzePackages
- Method: google.cloud.ondemandscanning.v1beta1.ScannerService.AnalyzePackages
- Audit log Type: Data Access
- Permissions:
ondemandscanning.scans.analyzePackages - DATA_WRITE
- Method is a Long Running Operation or Streaming:
Long Running Operation
- Filter for this method:
protoPayload.methodName="google.cloud.ondemandscanning.v1beta1.ScannerService.AnalyzePackages"
google.cloud.ondemandscanning.v1beta1.ScannerService.ListVulnerabilities
- Method: google.cloud.ondemandscanning.v1beta1.ScannerService.ListVulnerabilities
- Audit log Type: Data Access
- Permissions:
ondemandscanning.scans.listVulnerabilities - DATA_READ
- Method is a Long Running Operation or Streaming: No.
- Filter for this method:
protoPayload.methodName="google.cloud.ondemandscanning.v1beta1.ScannerService.ListVulnerabilities"