The tables below list the Google Cloud services that write Admin Activity or Data Access audit logs. GA indicates that a log type is Generally Available for a service; Beta indicates that a log type is available, but might be changed in backward-incompatible ways and isn't subject to any SLA or deprecation policy.
For an overview of how audit logs are formatted, see the AuditLog page.
Google Cloud services producing audit logs
| Google Cloud services with audit logs |
Admin Activity logs |
Data Access logs |
Notes |
|---|---|---|---|
| Access Approval | GA | n/a | Data Access audit logs aren't written for this service. |
| Access Context Manager | GA | GA | |
| API Gateway | Beta | Beta | |
| AI Platform Notebooks | Beta | Beta | |
| AI Platform Vizier | Beta | Beta | |
| AI Platform Prediction | Beta | Beta | |
| AI Platform Training | Beta | Beta | |
| AI Platform (Unified) | Beta | Beta | |
| Anthos Service Mesh | GA | n/a | Data Access audit logs aren't written for this service. |
| App Engine | GA | n/a | Data Access audit logs aren't written for this service. |
| Application Identity | Beta | n/a | Data Access audit logs aren't written for this service. Audits OAuth 2.0 client IDs and brands. |
| Assured Workloads for Government | Beta | Beta | |
| AutoML | Beta | Beta | |
| BigQuery | GA | GA | System Event audit logs are also available for this service. BigQuery Data Access audit logs are enabled by default and don't count against your logs allotment. |
| Cloud Bigtable | GA | n/a | Data Access audit logs aren't written for this service. |
| Cloud Billing | Beta | n/a | Data Access audit logs aren't written for this service. |
| Cloud Build | GA | GA | |
| Cloud CDN | GA | GA | |
| Certificate Authority Service | Beta | Beta | |
| Cloud Composer | GA | GA | |
| Cloud Data Fusion | Beta | Beta | |
| Cloud Data Loss Prevention | GA | GA | |
| Cloud Debugger | GA | GA | |
| Cloud Deployment Manager | GA | GA | |
| Cloud DNS | GA | GA | |
| Cloud Domains | Beta | Beta | |
| Cloud Functions | GA | GA | |
| Workflows | GA | GA | |
| Cloud Healthcare API | GA | GA | |
| Identity and Access Management (IAM) | GA | GA | |
| Cloud Key Management Service | GA | GA | |
| Cloud Life Sciences | Beta | Beta | |
| Cloud Load Balancing | GA | GA | |
| Cloud Logging | GA | GA | |
| Cloud Monitoring | GA | GA | |
| Cloud NAT | GA | GA | |
| Cloud Profiler | n/a | GA | Admin Activity audit logs are not written for this service. |
| Cloud Run | Beta | Beta | |
| Cloud Source Repositories | GA | GA | |
| Cloud Spanner | GA | GA | |
| Cloud SQL | GA | GA | |
| Cloud Storage | GA | GA | Does not include request/response information. If an object ACL is set to public, audit logs are not generated for reads or writes to that object or its ACL. |
| Cloud Trace | n/a | GA | Admin Activity audit logs are not written for this service. |
| Cloud Translation | GA | GA | |
| Cloud Vision | GA | n/a | Data Access audit logs aren't written for this service. |
| Compute Engine | GA | GA | System Event audit logs are also available for this service. |
| Compute Engine | GA | n/a | Data Access audit logs aren't written for this service. |
| Connectivity Tests | GA | GA | |
| Container Analysis | GA | GA | |
| Dataflow | GA | n/a | Data Access audit logs aren't written for this service. |
| Dataproc | GA | GA | |
| Dataproc Metastore | Preview | Preview | |
| Datastore | GA | GA | Audits requests to start managed import or export operations. Audit doesn't include entity-specific read/write logs for those operations. |
| Data Catalog | Beta | Beta | |
| Dialogflow | GA | GA | |
| Error Reporting | GA | GA | |
| Eventarc | Beta | Beta | |
| Firebase Management | Beta | Beta | |
| Firebase Notifications Console | n/a | GA | Admin Activity audit logs are not written for this service. |
| Firestore | GA | GA | Audits requests to start managed import or export operations. Audit doesn't include entity-specific read/write logs for those operations. |
| Game Servers | GA | GA | |
| Google Cloud Armor | GA | GA | |
| Google Kubernetes Engine | GA | GA | |
| Identity Platform | GA | GA | |
| Identity-Aware Proxy | n/a | GA | Admin Activity audit logs are not written for this service. |
| IoT Core | GA | GA | |
| Managed Service for Microsoft Active Directory | Beta | Beta | |
| Memorystore | Beta | Beta | |
| Pub/Sub | GA | n/a | Data Access audit logs aren't written for this service. System Event audit logs are also available for this service. |
| Pub/Sub Lite | GA | GA | |
| reCAPTCHA Enterprise | GA | GA | |
| Recommendations AI | Beta | Beta | |
| Resource Manager | GA | GA | |
| Secret Manager | Beta | Beta | |
| Security Command Center | GA | GA | Security Command Center Settings API Admin, Data access Audit logs, and Container Threat Detection are in Beta. |
| Serverless VPC Access | Beta | Beta | |
| Service Directory | Beta | Beta | |
| Service Management | GA | n/a | Data Access audit logs aren't written for this service. System Event audit logs are also available for this service. |
| Transparency and Control Center | GA | GA | |
| Virtual Private Cloud (VPC) | GA | GA | |
| VPC Service Controls | n/a | n/a | VPC Service Controls is GA and produces Policy Denied audit logs. VPC Service Controls is managed through Access Context Manager, which produces Admin Activity and Data Access audit logs. |
Google Workspace services producing audit logs
| Google Workspace services with audit logs |
Admin Activity logs |
Data Access logs |
Notes |
|---|---|---|---|
| Google Workspace Admin Activities | GA | n/a | Data Access audit logs aren't written for this service. |
| Google Workspace Login Audit Activities | n/a | GA | Admin Activity audit logs are not written for this service. |
| Google Workspace Enterprise Groups Audit Activities | GA | n/a | Data Access audit logs aren't written for this service. |
For additional context, review the Google Workspace Admin Help article.