- JSON representation
- BigQueryAuditMetadata.JobInsertion
- BigQueryAuditMetadata.Job
- BigQueryAuditMetadata.JobConfig
- BigQueryAuditMetadata.JobConfig.Query
- BigQueryAuditMetadata.TableDefinition
- BigQueryAuditMetadata.EncryptionInfo
- BigQueryAuditMetadata.JobConfig.Load
- BigQueryAuditMetadata.JobConfig.Extract
- BigQueryAuditMetadata.JobConfig.TableCopy
- BigQueryAuditMetadata.JobStatus
- BigQueryAuditMetadata.JobStats
- BigQueryAuditMetadata.JobStats.Query
- BigQueryAuditMetadata.JobStats.Load
- BigQueryAuditMetadata.JobStats.Extract
- BigQueryAuditMetadata.JobStats.ReservationResourceUsage
- BigQueryAuditMetadata.JobChange
- BigQueryAuditMetadata.DatasetCreation
- BigQueryAuditMetadata.Dataset
- BigQueryAuditMetadata.EntityInfo
- BigQueryAuditMetadata.BigQueryAcl
- BigQueryAuditMetadata.DatasetChange
- BigQueryAuditMetadata.DatasetDeletion
- BigQueryAuditMetadata.TableCreation
- BigQueryAuditMetadata.Table
- BigQueryAuditMetadata.TableViewDefinition
- BigQueryAuditMetadata.TableChange
- BigQueryAuditMetadata.TableDeletion
- BigQueryAuditMetadata.TableDataRead
- BigQueryAuditMetadata.TableDataChange
- BigQueryAuditMetadata.ModelDeletion
- BigQueryAuditMetadata.ModelCreation
- BigQueryAuditMetadata.Model
- BigQueryAuditMetadata.ModelMetadataChange
- BigQueryAuditMetadata.ModelDataChange
- BigQueryAuditMetadata.ModelDataRead
- BigQueryAuditMetadata.RoutineCreation
- BigQueryAuditMetadata.Routine
- BigQueryAuditMetadata.RoutineChange
- BigQueryAuditMetadata.RoutineDeletion
- BigQueryAuditMetadata.RowAccessPolicyCreation
- BigQueryAuditMetadata.RowAccessPolicy
- BigQueryAuditMetadata.RowAccessPolicyChange
- BigQueryAuditMetadata.RowAccessPolicyDeletion
BigQueryAuditMetaData is exposed as part of the new AuditData.metadata messages.
| JSON representation | |
|---|---|
{ // Union field |
|
| Fields | ||
|---|---|---|
Union field event. BigQuery event information. event can be only one of the following: |
||
jobInsertion |
Job insertion event. |
|
jobChange |
Job state change event. |
|
datasetCreation |
Dataset creation event. |
|
datasetChange |
Dataset change event. |
|
datasetDeletion |
Dataset deletion event. |
|
tableCreation |
Table creation event. |
|
tableChange |
Table metadata change event. |
|
tableDeletion |
Table deletion event. |
|
tableDataRead |
Table data read event. |
|
tableDataChange |
Table data change event. |
|
modelDeletion |
Model deletion event. |
|
modelCreation |
Model creation event. |
|
modelMetadataChange |
Model metadata change event. |
|
modelDataChange |
Model data change event. |
|
modelDataRead |
Model data read event. |
|
routineCreation |
Routine creation event. |
|
routineChange |
Routine change event. |
|
routineDeletion |
Routine deletion event. |
|
rowAccessPolicyCreation |
Row access policy create event. |
|
rowAccessPolicyChange |
Row access policy change event. |
|
rowAccessPolicyDeletion |
Row access policy deletion event. |
|
BigQueryAuditMetadata.JobInsertion
Job insertion event.
| JSON representation | |
|---|---|
{ "job": { object ( |
|
| Fields | |
|---|---|
job |
Job metadata. |
reason |
Describes how the job was inserted. |
BigQueryAuditMetadata.Job
BigQuery job.
| JSON representation | |
|---|---|
{ "jobName": string, "jobConfig": { object ( |
|
| Fields | |
|---|---|
jobName |
Job URI. Format: |
jobConfig |
Job configuration. |
jobStatus |
Job status. |
jobStats |
Job statistics. |
BigQueryAuditMetadata.JobConfig
Job configuration. See the Jobs API resource for more details on individual fields.
| JSON representation | |
|---|---|
{ "type": enum ( |
|
| Fields | ||
|---|---|---|
type |
Job type. |
|
labels |
Labels provided for the job. An object containing a list of |
|
Union field config. Job configuration information. config can be only one of the following: |
||
queryConfig |
Query job information. |
|
loadConfig |
Load job information. |
|
extractConfig |
Extract job information. |
|
tableCopyConfig |
TableCopy job information. |
|
BigQueryAuditMetadata.JobConfig.Query
Query job configuration.
| JSON representation | |
|---|---|
{ "query": string, "queryTruncated": boolean, "destinationTable": string, "createDisposition": enum ( |
|
| Fields | |
|---|---|
query |
The SQL query to run. Truncated if exceeds 50K. |
queryTruncated |
True if the query field was truncated. |
destinationTable |
The destination table for the query results. |
createDisposition |
Destination table create disposition. |
writeDisposition |
Destination table write disposition. |
defaultDataset |
Default dataset for the query. |
tableDefinitions[] |
External data sources used in the query. |
priority |
Priority given to the query. |
destinationTableEncryption |
Result table encryption information. Set when non-default encryption is used. |
statementType |
Type of the query. |
BigQueryAuditMetadata.TableDefinition
Definition of an external data source used in a query.
| JSON representation | |
|---|---|
{ "name": string, "sourceUris": [ string ] } |
|
| Fields | |
|---|---|
name |
Name of the table, used in queries. |
sourceUris[] |
URIs for the data. |
BigQueryAuditMetadata.EncryptionInfo
Encryption properties for a table or a job
| JSON representation | |
|---|---|
{ "kmsKeyName": string } |
|
| Fields | |
|---|---|
kmsKeyName |
Cloud kms key identifier. Format: |
BigQueryAuditMetadata.JobConfig.Load
Load job configuration.
| JSON representation | |
|---|---|
{ "sourceUris": [ string ], "sourceUrisTruncated": boolean, "schemaJson": string, "schemaJsonTruncated": boolean, "destinationTable": string, "createDisposition": enum ( |
|
| Fields | |
|---|---|
sourceUris[] |
URIs for the data to be imported. Entire list is truncated if exceeds 40K. |
sourceUrisTruncated |
True if the source_URIs field was truncated. |
schemaJson |
The table schema in JSON format. Entire field is truncated if exceeds 40K. |
schemaJsonTruncated |
True if the schemaJson field was truncated. |
destinationTable |
The destination table for the import. |
createDisposition |
Destination table create disposition. |
writeDisposition |
Destination table write disposition. |
destinationTableEncryption |
Result table encryption information. Set when non-default encryption is used. |
BigQueryAuditMetadata.JobConfig.Extract
Extract job configuration.
| JSON representation | |
|---|---|
{ "destinationUris": [ string ], "destinationUrisTruncated": boolean, // Union field |
|
| Fields | ||
|---|---|---|
destinationUris[] |
URIs where extracted data should be written. Entire list is truncated if exceeds 50K. |
|
destinationUrisTruncated |
True if the destination_URIs field was truncated. |
|
Union field
|
||
sourceTable |
The source table. |
|
sourceModel |
The source model. |
|
BigQueryAuditMetadata.JobConfig.TableCopy
Table copy job configuration.
| JSON representation | |
|---|---|
{ "sourceTables": [ string ], "sourceTablesTruncated": boolean, "destinationTable": string, "createDisposition": enum ( |
|
| Fields | |
|---|---|
sourceTables[] |
Source tables. Entire list is truncated if exceeds 50K. |
sourceTablesTruncated |
True if the sourceTables field was truncated. |
destinationTable |
Destination table. |
createDisposition |
Destination table create disposition. |
writeDisposition |
Destination table write disposition. |
destinationTableEncryption |
Result table encryption information. Set when non-default encryption is used. |
operationType |
Supported operation types in the table copy job. |
destinationExpirationTime |
Expiration time set on the destination table. Expired tables will be deleted and their storage reclaimed. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
BigQueryAuditMetadata.JobStatus
Status of a job.
| JSON representation | |
|---|---|
{ "jobState": enum ( |
|
| Fields | |
|---|---|
jobState |
State of the job. |
errorResult |
Job error, if the job failed. |
errors[] |
Errors encountered during the running of the job. Does not necessarily mean that the job has completed or was unsuccessful. |
BigQueryAuditMetadata.JobStats
Job statistics.
| JSON representation | |
|---|---|
{ "createTime": string, "startTime": string, "endTime": string, "totalSlotMs": string, "reservationUsage": [ { object ( |
|
| Fields | ||
|---|---|---|
createTime |
Job creation time. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
|
startTime |
Job execution start time. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
|
endTime |
Job completion time. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
|
totalSlotMs |
The total number of slot-ms consumed by the query job. |
|
reservationUsage[] |
Reservation usage attributed from each tier of a reservation hierarchy. |
|
parentJobName |
Parent job name. Only present for child jobs. |
|
Union field extended. Statistics specific to the job type. extended can be only one of the following: |
||
queryStats |
Query job statistics. |
|
loadStats |
Load job statistics. |
|
extractStats |
Extract job statistics. |
|
BigQueryAuditMetadata.JobStats.Query
Query job statistics.
| JSON representation | |
|---|---|
{ "totalProcessedBytes": string, "totalBilledBytes": string, "billingTier": integer, "referencedTables": [ string ], "referencedViews": [ string ], "referencedRoutines": [ string ], "outputRowCount": string, "cacheHit": boolean } |
|
| Fields | |
|---|---|
totalProcessedBytes |
Total bytes processed by the query job. |
totalBilledBytes |
Total bytes billed by the query job. |
billingTier |
The tier assigned by the CPU-based billing. |
referencedTables[] |
Tables accessed by the query job. |
referencedViews[] |
Views accessed by the query job. |
referencedRoutines[] |
Routines accessed by the query job. |
outputRowCount |
Number of output rows produced by the query job. |
cacheHit |
True if the query job results were read from the query cache. |
BigQueryAuditMetadata.JobStats.Load
Load job statistics.
| JSON representation | |
|---|---|
{ "totalOutputBytes": string } |
|
| Fields | |
|---|---|
totalOutputBytes |
Total bytes loaded by the import job. |
BigQueryAuditMetadata.JobStats.Extract
Extract job statistics.
| JSON representation | |
|---|---|
{ "totalInputBytes": string } |
|
| Fields | |
|---|---|
totalInputBytes |
Total bytes exported by the extract job. |
BigQueryAuditMetadata.JobStats.ReservationResourceUsage
Job resource usage breakdown by reservation.
| JSON representation | |
|---|---|
{ "name": string, "slotMs": string } |
|
| Fields | |
|---|---|
name |
Reservation name or "unreserved" for on-demand resources usage. |
slotMs |
Total slot milliseconds used by the reservation for a particular job. |
BigQueryAuditMetadata.JobChange
Job state change event.
| JSON representation | |
|---|---|
{ "before": enum ( |
|
| Fields | |
|---|---|
before |
Job state before the job state change. |
after |
Job state after the job state change. |
job |
Job metadata. |
BigQueryAuditMetadata.DatasetCreation
Dataset creation event.
| JSON representation | |
|---|---|
{ "dataset": { object ( |
|
| Fields | |
|---|---|
dataset |
Dataset metadata. |
reason |
Describes how the dataset was created. |
jobName |
The URI of the job that created the dataset. Present if the reason is QUERY. Format: |
BigQueryAuditMetadata.Dataset
BigQuery dataset.
| JSON representation | |
|---|---|
{ "datasetName": string, "datasetInfo": { object ( |
|
| Fields | |
|---|---|
datasetName |
Dataset URI. Format: |
datasetInfo |
User-provided metadata for the dataset. |
createTime |
Dataset creation time. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
updateTime |
Dataset metadata last update time. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
acl |
The access control list for the dataset. |
defaultTableExpireDuration |
Default expiration time for tables in the dataset. A duration in seconds with up to nine fractional digits, terminated by ' |
defaultEncryption |
Default encryption for tables in the dataset. |
BigQueryAuditMetadata.EntityInfo
User-provided metadata for an entity, for e.g. dataset, table or model.
| JSON representation | |
|---|---|
{ "friendlyName": string, "description": string, "labels": { string: string, ... } } |
|
| Fields | |
|---|---|
friendlyName |
A short name for the entity. |
description |
A long description for the entity. |
labels |
Labels provided for the entity. An object containing a list of |
BigQueryAuditMetadata.BigQueryAcl
An access control list.
| JSON representation | |
|---|---|
{
"policy": {
object ( |
|
| Fields | |
|---|---|
policy |
IAM policy for the resource. |
authorizedViews[] |
List of authorized views for a dataset. Format: |
BigQueryAuditMetadata.DatasetChange
Dataset change event.
| JSON representation | |
|---|---|
{ "dataset": { object ( |
|
| Fields | |
|---|---|
dataset |
Dataset metadata after the change. |
reason |
Describes how the dataset was changed. |
jobName |
The URI of the job that updated the dataset. Present if the reason is QUERY. Format: |
BigQueryAuditMetadata.DatasetDeletion
Dataset deletion event.
| JSON representation | |
|---|---|
{
"reason": enum ( |
|
| Fields | |
|---|---|
reason |
Describes how the dataset was deleted. |
jobName |
The URI of the job that deleted the dataset. Present if the reason is QUERY. Format: |
BigQueryAuditMetadata.TableCreation
Table creation event.
| JSON representation | |
|---|---|
{ "table": { object ( |
|
| Fields | |
|---|---|
table |
Table metadata. |
reason |
Describes how the table was created. |
jobName |
The URI of the job that created a table. Present if the reason is JOB or QUERY. Format: |
BigQueryAuditMetadata.Table
BigQuery table.
| JSON representation | |
|---|---|
{ "tableName": string, "tableInfo": { object ( |
|
| Fields | |
|---|---|
tableName |
Table URI. Format: |
tableInfo |
User-provided metadata for the table. |
schemaJson |
A JSON representation of the table's schema. Entire field is truncated if exceeds 40K. |
schemaJsonTruncated |
True if the schemaJson field was truncated. |
view |
View metadata. Only present for views. |
expireTime |
Table expiration time. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
createTime |
The table creation time. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
updateTime |
The last time metadata update time. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
truncateTime |
The last table truncation time. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
encryption |
Table encryption information. Set when non-default encryption is used. |
BigQueryAuditMetadata.TableViewDefinition
View definition.
| JSON representation | |
|---|---|
{ "query": string, "queryTruncated": boolean } |
|
| Fields | |
|---|---|
query |
SQL query defining the view. Truncated if exceeds 40K. |
queryTruncated |
True if the schemaJson field was truncated. |
BigQueryAuditMetadata.TableChange
Table metadata change event.
| JSON representation | |
|---|---|
{ "table": { object ( |
|
| Fields | |
|---|---|
table |
Updated table metadata. |
truncated |
True if the table was truncated. |
reason |
Describes how the table metadata was changed. |
jobName |
The URI of the job that changed a table. Present if the reason is JOB or QUERY. Format: |
BigQueryAuditMetadata.TableDeletion
Table deletion event.
| JSON representation | |
|---|---|
{
"reason": enum ( |
|
| Fields | |
|---|---|
reason |
Describes how table was deleted. |
jobName |
The URI of the job that deleted a table. Present if the reason is QUERY. Format: |
BigQueryAuditMetadata.TableDataRead
Table data read event.
| JSON representation | |
|---|---|
{
"fields": [
string
],
"fieldsTruncated": boolean,
"policyTags": [
string
],
"policyTagsTruncated": boolean,
"reason": enum ( |
|
| Fields | |
|---|---|
fields[] |
List of the accessed fields. Entire list is truncated if the record size exceeds 100K. |
fieldsTruncated |
True if the fields list was truncated. |
policyTags[] |
List of the referenced policy tags. That is, policy tags attached to the accessed fields or their ancestors. Policy tag resource name is a string of the format: |
policyTagsTruncated |
True if the policy tag list was truncated. At most 100 policy tags can be saved. |
reason |
Describes how the table data was read. |
jobName |
The URI of the job that read a table. Present if the reason is JOB but can be reducted for privacy reasons. Format: |
sessionName |
The URI of the read session that read a table. Present if the reason is CREATE_READ_SESSION. Format: |
BigQueryAuditMetadata.TableDataChange
Table data change event.
| JSON representation | |
|---|---|
{
"deletedRowsCount": string,
"insertedRowsCount": string,
"truncated": boolean,
"reason": enum ( |
|
| Fields | |
|---|---|
deletedRowsCount |
Number of deleted rows. |
insertedRowsCount |
Number of inserted rows. |
truncated |
True if the table was truncated. |
reason |
Describes how the table data was changed. |
jobName |
The URI of the job that changed a table. Format: |
streamName |
If written from WRITE_API, the name of the stream. Format: |
BigQueryAuditMetadata.ModelDeletion
Model deletion event.
| JSON representation | |
|---|---|
{
"reason": enum ( |
|
| Fields | |
|---|---|
reason |
Describes how the model was deleted. |
jobName |
The URI of the job that deleted a model. Present if the reason is QUERY. Format: |
BigQueryAuditMetadata.ModelCreation
Model creation event.
| JSON representation | |
|---|---|
{ "model": { object ( |
|
| Fields | |
|---|---|
model |
Model metadata. |
reason |
Describes how the model was created. |
jobName |
The URI of the job that created the model. Format: |
BigQueryAuditMetadata.Model
Trained BigQuery ML model.
| JSON representation | |
|---|---|
{ "modelName": string, "modelInfo": { object ( |
|
| Fields | |
|---|---|
modelName |
Model URI. Format: |
modelInfo |
User-provided metadata for the model. |
expireTime |
Model expiration time. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
createTime |
Model creation time. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
updateTime |
Model last update time. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
encryption |
Model encryption information. Set when non-default encryption is used. |
BigQueryAuditMetadata.ModelMetadataChange
Model metadata change event.
| JSON representation | |
|---|---|
{ "model": { object ( |
|
| Fields | |
|---|---|
model |
Updated model. |
reason |
Describes how the model metadata was changed. |
jobName |
The URI of the job that changed the model metadata. Present if and only if the reason is QUERY. Format: |
BigQueryAuditMetadata.ModelDataChange
Model data change event.
| JSON representation | |
|---|---|
{
"reason": enum ( |
|
| Fields | |
|---|---|
reason |
Describes how the model data was changed. |
jobName |
The URI of the job that changed the model data. Format: |
BigQueryAuditMetadata.ModelDataRead
Model data read event.
| JSON representation | |
|---|---|
{
"reason": enum ( |
|
| Fields | |
|---|---|
reason |
Describes how the model data was read. |
jobName |
The URI of the job that read the model data. Format: |
BigQueryAuditMetadata.RoutineCreation
Routine creation event.
| JSON representation | |
|---|---|
{ "routine": { object ( |
|
| Fields | |
|---|---|
routine |
Created routine. |
reason |
Describes how the routine was created. |
jobName |
The URI of the job that created the routine. Format: |
BigQueryAuditMetadata.Routine
User Defined Function (UDF) or Stored Procedure.
| JSON representation | |
|---|---|
{ "routineName": string, "createTime": string, "updateTime": string } |
|
| Fields | |
|---|---|
routineName |
Routine URI. Format: |
createTime |
Routine creation time. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
updateTime |
Routine last update time. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
BigQueryAuditMetadata.RoutineChange
Routine change event.
| JSON representation | |
|---|---|
{ "routine": { object ( |
|
| Fields | |
|---|---|
routine |
Updated routine. |
reason |
Describes how the routine was updated. |
jobName |
The URI of the job that updated the routine. Format: |
BigQueryAuditMetadata.RoutineDeletion
Routine deletion event.
| JSON representation | |
|---|---|
{ "routine": { object ( |
|
| Fields | |
|---|---|
routine |
Deleted routine. |
reason |
Describes how the routine was deleted. |
jobName |
The URI of the job that deleted the routine. Present if the reason is QUERY. Format: |
BigQueryAuditMetadata.RowAccessPolicyCreation
Row access policy creation event.
| JSON representation | |
|---|---|
{
"rowAccessPolicy": {
object ( |
|
| Fields | |
|---|---|
rowAccessPolicy |
The row access policy created by this event. |
jobName |
The URI of the job that created this row access policy. Format: |
BigQueryAuditMetadata.RowAccessPolicy
BigQuery row access policy.
| JSON representation | |
|---|---|
{ "rowAccessPolicyName": string } |
|
| Fields | |
|---|---|
rowAccessPolicyName |
Row access policy URI. Format: |
BigQueryAuditMetadata.RowAccessPolicyChange
Row access policy change event.
| JSON representation | |
|---|---|
{
"rowAccessPolicy": {
object ( |
|
| Fields | |
|---|---|
rowAccessPolicy |
The row access policy that was changed by this event. |
jobName |
The URI of the job that created this row access policy. Format: |
BigQueryAuditMetadata.RowAccessPolicyDeletion
Row access policy deletion event.
| JSON representation | |
|---|---|
{
"rowAccessPolicies": [
{
object ( |
|
| Fields | |
|---|---|
rowAccessPolicies[] |
The row access policies that were deleted. At present, only populated when a single policy is dropped. |
jobName |
The job that deleted these row access policies. Format: |
allRowAccessPoliciesDropped |
This field is set to true when a DROP ALL command has been executed, thus removing all row access policies on the table. |