Stay organized with collections
Save and categorize content based on your preferences.
Google Distributed Cloud (GDC) air-gapped provides audit logs to help you maintain security
and compliance. These logs track administrative activities and access to your
GDC resources. You can maintain a record of system
events using audit logs, answering to the question
"who did what, where, and when?" for your system.
This section helps to understand and query audit logs, including descriptions of
the audited operations in GDC and containing examples of
log file entries for components that generate audit logs.
Use this section for reference when constructing
LogQL (Log Query Language)
expressions to search for audit logs. For more information, see
Query and view logs.
The information about audit logs is organized in the following two sections:
Audited components:
Details the key fields in audit logs generated by various
GDC components, with examples for constructing
effective queries for audited operations.
Audit log sources:
Provides a comprehensive view of the JSON structure and field descriptions for
raw audit log entries. Use this information to effectively monitor,
troubleshoot, and audit your environment.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[[["\u003cp\u003eGoogle Distributed Cloud (GDC) air-gapped provides audit logs to track administrative activities and access to resources, helping maintain security and compliance.\u003c/p\u003e\n"],["\u003cp\u003eAudit logs record system events, answering the question of "who did what, where, and when" within the GDC system.\u003c/p\u003e\n"],["\u003cp\u003eThe provided information assists in understanding, and querying audit logs, including descriptions of operations in GDC and log file entry examples.\u003c/p\u003e\n"],["\u003cp\u003eReference this section when creating LogQL expressions to search audit logs, for which more information is available in the "Query and view logs" section.\u003c/p\u003e\n"],["\u003cp\u003eThe document provides two sections: "Audited components" which details key fields in logs and provides query examples, and "Audit log sources" which gives comprehensive view of the raw log entries' JSON structure.\u003c/p\u003e\n"]]],[],null,["# Audit logs overview\n\nGoogle Distributed Cloud (GDC) air-gapped provides audit logs to help you maintain security\nand compliance. These logs track administrative activities and access to your\nGDC resources. You can maintain a record of system\nevents using audit logs, answering to the question\n*\"who did what, where, and when?\"* for your system.\n\nThis section helps to understand and query audit logs, including descriptions of\nthe audited operations in GDC and containing examples of\nlog file entries for components that generate audit logs.\n\nUse this section for reference when constructing\n[LogQL](https://grafana.com/docs/loki/latest/logql/) (Log Query Language)\nexpressions to search for audit logs. For more information, see\n[Query and view logs](/distributed-cloud/hosted/docs/latest/gdch/platform/pa-user/query-and-view-logs).\n\nThe information about audit logs is organized in the following two sections:\n\n- [**Audited components**](/distributed-cloud/hosted/docs/latest/gdch/platform-application/pa-ao-operations/audited-components): Details the key fields in audit logs generated by various GDC components, with examples for constructing effective queries for audited operations.\n- [**Audit log sources**](/distributed-cloud/hosted/docs/latest/gdch/platform-application/pa-ao-operations/audit-log-sources): Provides a comprehensive view of the JSON structure and field descriptions for raw audit log entries. Use this information to effectively monitor, troubleshoot, and audit your environment."]]
