Cloud Audit Logs

Gain visibility into who did what, when, and where for all user activity on Google Cloud Platform.

View documentation for this product.

Cloud Audit Logs overview logo

Gain visibility over user activity in the cloud

Cloud Audit Logs helps security teams maintain audit trails in Google Cloud Platform (GCP). With this tool, enterprises can attain the same level of transparency over administrative activities and accesses to data in Google Cloud Platform as in on-premises environments. Every administrative activity is recorded on a hardened, always-on audit trail, which cannot be disabled by any rogue actor. Data access logs can be customized to best suit your organization’s need around monitoring and compliance.
Real-time delivery of audit event logo

Real-time delivery of audit event

Receive near-real-time delivery of the audit events in Cloud Audit Logs within seconds of the occurrence. With this tool, you can quickly assess and act on any identified behavior in the most appropriate ways for your organization.

Immutable audit trail logo

Immutable audit trail

Cloud Audit Logs reside in highly protected storage, resulting in a secure, immutable, and highly durable audit trail.

End-to-end transparency in a single pane of glass logo

End-to-end transparency in a single pane of glass

Cloud Audit Logs features Admin Activity logs documenting administrative events, and Data Access logs record accesses to your cloud data by your users. The service is also coupled with Google Cloud’s Access Transparency service, which surfaces near real-time logs of GCP administrator access to your systems and data.

Default encryption logo

Default encryption

Cloud Audit Logs is encrypted at rest using either AES256 or AES128, which is also used to help protect the rest of Google’s infrastructure. For more information, check out the Encryption At Rest Whitepaper and Encryption in Transit Whitepaper.


Automated visibility

Integrated with many Google Cloud security products, Cloud Audit Logs provides your security operations team with information on which user or account issued which Google Cloud API call from which IP address.

Incident management

Cloud Audit Logs gives you powerful incident management tools to monitor, alert, and act on potential incidents.

Compliance by default

Cloud Audit Logs provides you with always-on Admin Activity audit logs to simplify your compliance processes by automatically recording administrative events.

Integration with partners

This service provides easy-to-use integration guides with popular SIEM partners via flexible Pub/Sub integration and managed integration modules.


Feature Default retention period Pricing
Admin Activity audit logs 400 days No additional charge
Data Access audit logs 30 days $ 0.50 / GiB (Standard price)
System event audit logs 400 days No additional charge

Take the next step

Start building on Google Cloud with $300 in free credits and 20+ always free products.

Need help getting started?
Work with a trusted partner
Continue browsing

Take the next step

Gain visibility for all user activity on GCP.

Need help getting started?
Work with a trusted partner
Get tips & best practices