Cloud Audit Logs

Gain visibility into who did what, when, and where for all user activity on Google Cloud Platform.

Gain visibility over user activity

Gain visibility over user activity in the cloud

Cloud Audit Logs helps security teams maintain audit trails in Google Cloud Platform (GCP). With this tool, enterprises can attain the same level of transparency over administrative activities and accesses to data in Google Cloud Platform as in on-premises environments. Every administrative activity is recorded on a hardened, always-on audit trail, which cannot be disabled by any rogue actor. Data access logs can be customized to best suit your organization’s need around monitoring and compliance.

Real-time delivery of audit event

Real-time delivery of audit event

Receive near-real-time delivery of the audit events in Cloud Audit Logs within seconds of the occurrence. With this tool, you can quickly assess and act on any identified behavior in the most appropriate ways for your organization.

Immutable audit trail

Immutable audit trail

Cloud Audit Logs reside in highly protected storage, resulting in a secure, immutable and highly durable audit trail.

End-to-end transparency

End-to-end transparency in a single pane of glass

Cloud Audit Logs features Admin Activity logs documenting administrative events, and Data Access logs record accesses to your cloud data by your users. The service is also coupled with Google Cloud’s Access Transparency service, which surfaces near real-time logs of GCP administrator access to your systems and data.

Default encryption

Default encryption

Cloud Audit Logs is encrypted at rest using either AES256 or AES128, which is also used to help protect the rest of Google’s infrastructure. For more information, check out the Encryption At Rest Whitepaper and Encryption in Transit Whitepaper.

Features

Automated visibility

Integrated with many GCP security products, Cloud Audit Logs provides your security operations team with information on which user or account issued which GCP API call from which IP address.

Incident management

A native part of Stackdriver, Cloud Audit Logs gives you powerful incident management tools to monitor, alert, and act on potential incidents.

Compliance by default

Cloud Audit Logs provides you with always-on Admin Activity audit logs to simplify your compliance processes by automatically recording administrative events.

Integration with partners

This service provides easy-to-use integration guides with popular SIEM partners via flexible Cloud Pub/Sub integration and managed integration modules.

Pricing

Feature Default retention period Pricing
Admin Activity audit logs 400 days No additional charge
Data Access audit logs 30 days $ 0.50 / GiB (Standard Stackdriver price)
System event audit logs 400 days No additional charge

Resources

Google Cloud

Get started

Learn and build

New to GCP? Get started with any GCP product for free with a $300 credit.

Need more help?

Our experts will help you build the right solution or find the right partner for your needs.