Fields in the log entry that contain audit information
Audit metadata
Audit field name
Value
User or service identity
identity
For example,
"identity":"fop-shengjiang"
Target
(Fields and values that call the API)
resource
"resource":"AIS STS token"
Action
(Fields containing the performed operation)
action
"action":"Create"
Event timestamp
time
For example,
"time":"2022-11-22T18:31:37.084205362+00:00"
Source of action
userAgent
For example,
"userAgent":"Go-http-client/2.0"
Outcome
response
For example,
"response":"Success"
Other fields
Not applicable
Not applicable
Example log
{"action":"Create","auditID":"vwWq8fQ-o9RTopgcZtAC_psm1aYyMKxkv47GOkdU","description":"An AIS STS token is minted for fop-shengjiang (from fake-oidc-provider) and will be valid for 11h59m49.438314611s","resource":"AIS STS token","response":"Success","time":"2022-11-22T18:31:37.084205362+00:00","user":{"groups":["group-claim-1","group-claim-2"],"identity":"fop-shengjiang","issuer":"fake-oidc-provider"},"userAgent":"Go-http-client/2.0"}
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-08 UTC."],[[["\u003cp\u003eWorkloads for this audit log are located at the root and organization levels.\u003c/p\u003e\n"],["\u003cp\u003eThe audit log source is the GKE Identity Service.\u003c/p\u003e\n"],["\u003cp\u003eThe audited operation covered in this log is the creation of STS tokens.\u003c/p\u003e\n"],["\u003cp\u003eAudit information within the log entry includes user identity, target resource, action performed, event timestamp, action source, and outcome.\u003c/p\u003e\n"],["\u003cp\u003eAn example of an STS token creation log is provided, highlighting the structure and values of a success response, including the specific time, user identity, and resource.\u003c/p\u003e\n"]]],[],null,[]]
