Cloud Audit Logs

Gain visibility into who did what, when, and where for all user activity on Google Cloud Platform.

View documentation for this product.

Gain visibility over user activity in the cloud

Gain visibility over user activity in the cloud

Cloud Audit Logs helps security teams maintain audit trails in Google Cloud Platform (GCP). With this tool, enterprises can attain the same level of transparency over administrative activities and accesses to data in Google Cloud Platform as in on-premises environments. Every administrative activity is recorded on a hardened, always-on audit trail, which cannot be disabled by any rogue actor. Data access logs can be customized to best suit your organization’s need around monitoring and compliance.

Real-time delivery of audit event

Receive near-real-time delivery of the audit events in Cloud Audit Logs within seconds of the occurrence. With this tool, you can quickly assess and act on any identified behavior in the most appropriate ways for your organization.

Immutable audit trail

Cloud Audit Logs reside in highly protected storage, resulting in a secure, immutable, and highly durable audit trail.

End-to-end transparency in a single pane of glass

Cloud Audit Logs features Admin Activity logs documenting administrative events, and Data Access logs record accesses to your cloud data by your users. The service is also coupled with Google Cloud’s Access Transparency service, which surfaces near real-time logs of GCP administrator access to your systems and data.

Default encryption

Cloud Audit Logs is encrypted at rest using either AES256 or AES128, which is also used to help protect the rest of Google’s infrastructure. For more information, check out the Encryption At Rest Whitepaper and Encryption in Transit Whitepaper.


Automated visibility

Integrated with many GCP security products, Cloud Audit Logs provides your security operations team with information on which user or account issued which GCP API call from which IP address.

Incident management

A native part of Stackdriver, Cloud Audit Logs gives you powerful incident management tools to monitor, alert, and act on potential incidents.

Compliance by default

Cloud Audit Logs provides you with always-on Admin Activity audit logs to simplify your compliance processes by automatically recording administrative events.

Integration with partners

This service provides easy-to-use integration guides with popular SIEM partners via flexible Cloud Pub/Sub integration and managed integration modules.

Technical resources


Feature Default retention period Pricing
Admin Activity audit logs 400 days No additional charge
Data Access audit logs 30 days $ 0.50 / GiB (Standard Stackdriver price)
System event audit logs 400 days No additional charge
Google Cloud

Get started

Learn and build

New customers get $300 in free credits to learn and build on Google Cloud for up to 12 months.

Need more help?

Our experts will help you build the right solution or find the right partner for your needs.