Google Distributed Cloud (GDC) air-gapped appliance provides audit logs to help you maintain security and compliance. These logs track administrative activities and access to your GDC resources. You can maintain a record of system events using audit logs, answering to the question "who did what, where, and when?" for your system.
This section helps to understand and query audit logs, including descriptions of the audited operations in GDC and containing examples of log file entries for components that generate audit logs.
Use this section for reference when constructing LogQL (Log Query Language) expressions to search for audit logs. For more information, see Query and view logs.
The information about audit logs is organized in the following two sections:
- Audited components: Details the key fields in audit logs generated by various GDC components, with examples for constructing effective queries for audited operations.
- Audit log sources: Provides a comprehensive view of the JSON structure and field descriptions for raw audit log entries. Use this information to effectively monitor, troubleshoot, and audit your environment.