Google Cloud services with audit logs

This page provides information about the Google Cloud and Google Workspace services that write audit logs.

For an overview of what audit logs are and what each type of audit log means, see Cloud Audit Logs overview.

For an overview of Google Workspace audit logs, see Audit logs for Google Workspace.

In the following tables, GA indicates that a log type is Generally Available for a service; Beta or Preview indicate that a log type is available, but might be changed in backward-incompatible ways and isn't subject to any SLA or deprecation policy. For more information, see the product launch stages.

To indicate that a log type isn't available, n/a (not applicable) is used.

Google Cloud services producing audit logs

Google Cloud services
with audit logs
Admin Activity
logs
Data Access
logs
System Event
logs
Policy Denied
logs
Notes
Access Approval GA n/a n/a n/a
Access Context Manager GA GA n/a n/a
Advisory Notifications n/a GA n/a n/a
AI Platform Vizier Beta Beta n/a n/a
AI Platform Prediction Beta Beta n/a n/a
AI Platform Training Beta Beta n/a n/a
AlloyDB for PostgreSQL GA GA n/a n/a
GKE attached clusters GA GA n/a n/a
Anti Money Laundering AI n/a GA n/a n/a
GKE on AWS GA GA n/a n/a
GKE on Azure GA GA n/a n/a
Google Distributed Cloud Virtual GA GA n/a n/a
Anthos Service Mesh GA GA n/a n/a
API Gateway GA GA n/a n/a
Apigee API hub Preview Preview n/a n/a
Apigee Hybrid GA GA n/a n/a
Apigee GA GA n/a n/a
App Hub Preview Preview n/a n/a
Application Integration GA GA GA GA
API keys n/a GA n/a n/a
Batch n/a GA n/a n/a
App Engine GA GA n/a n/a
App Engine Memcache n/a GA n/a n/a Audit logging configuration is inherited from your App Engine audit logging configuration.
Artifact Registry GA GA n/a n/a
Assured Workloads GA GA n/a n/a
AutoML Beta Beta n/a n/a
Backup and DR Service GA GA n/a n/a
Backup for GKE GA GA n/a n/a
Bare Metal Solution n/a GA n/a n/a
BeyondCorp Enterprise GA GA n/a n/a
BigQuery GA GA GA n/a BigQuery Data Access audit logs are enabled by default and don't count against your logs allotment.
Analytics Hub GA GA n/a n/a
BigQuery Data Policy GA GA n/a n/a
BigQuery Data Transfer Service GA GA n/a n/a Data Access audit log configuration is inherited from your default audit log configuration.
BigLake API GA GA n/a n/a
Binary Authorization GA GA n/a n/a
Blockchain Node Engine GA GA n/a n/a
Certificate Authority Service GA GA n/a n/a
Certificate Manager GA GA n/a n/a
Chronicle GA GA n/a n/a
Cloud Asset Inventory GA GA n/a n/a
Cloud Commerce Consumer Procurement GA GA n/a n/a
Bigtable GA GA GA n/a
Cloud Billing Beta Beta n/a n/a
Cloud Build GA GA n/a n/a
Cloud CDN GA GA n/a n/a
Cloud Composer GA GA n/a n/a
Cloud Customer Care Preview Preview n/a n/a
Confidential VM GA GA n/a n/a
Cloud Data Fusion GA GA n/a n/a
Sensitive Data Protection GA GA n/a n/a
Cloud Deployment Manager GA GA n/a n/a
Cloud DNS GA GA n/a n/a
Cloud Domains GA GA n/a n/a
Cloud Functions GA GA n/a n/a
Cloud Healthcare API GA GA n/a n/a
Cloud IDS Preview Preview n/a n/a
Cloud Key Management Service GA GA n/a n/a
Cloud Life Sciences Beta Beta n/a n/a
Cloud Load Balancing GA GA n/a n/a
Cloud Logging GA GA n/a n/a
Cloud Monitoring GA GA n/a n/a
Cloud NAT GA GA n/a n/a
Cloud Profiler n/a GA n/a n/a
Cloud Run GA GA n/a n/a
Cloud Scheduler GA GA n/a n/a
Cloud Source Repositories GA GA n/a n/a
Spanner GA GA n/a n/a
Cloud SQL GA GA n/a n/a
Cloud Storage GA GA n/a n/a Does not include request/response information.
If an object ACL is set to public, audit logs are not generated for reads or writes to that object or its ACL.
Cloud TPU GA GA Preview n/a
Cloud Trace n/a GA n/a n/a
Cloud Translation GA GA n/a n/a
Cloud Vision GA n/a n/a n/a
Cloud Workstations GA GA n/a n/a
Compute Engine GA GA GA n/a
Connect n/a GA n/a n/a
Connectivity Tests GA GA n/a n/a
Contact Center AI Insights n/a GA n/a n/a
Contact Center AI Platform GA GA n/a n/a
Artifact Analysis GA GA n/a n/a
Data Catalog GA GA n/a n/a
Database Migration Service GA n/a n/a n/a
Dataflow GA GA n/a n/a
Dataform GA GA n/a n/a
Dataplex GA GA n/a n/a
Dataproc GA GA n/a n/a
Dataproc Metastore GA GA n/a n/a
Datastore GA GA n/a n/a
Datastream GA GA n/a n/a
Dialogflow GA GA n/a n/a
Discovery Engine GA GA n/a n/a
Document AI GA GA n/a n/a
Document AI Warehouse GA GA n/a n/a
Enterprise Knowledge Graph Preview Preview n/a n/a
Error Reporting GA GA n/a n/a
Essential Contacts n/a GA n/a n/a
Eventarc GA GA n/a n/a
Filestore GA GA n/a n/a
Firebase App Check GA GA n/a n/a
Firebase Management Beta Beta n/a n/a
Firebase Notifications Console n/a GA n/a n/a
Firebase Security Rules GA GA n/a n/a
Firebase Realtime Database Beta GA n/a n/a
Firestore GA GA n/a n/a
Connect Gateway GA GA n/a n/a
Google Cloud Armor GA GA n/a n/a
Google Cloud Migration Center Beta Beta n/a n/a
Google Distributed Cloud Edge GA GA GA n/a
Google Kubernetes Engine GA GA n/a n/a
Google Workspace Add-ons API GA n/a n/a n/a
Hub GA GA n/a n/a
Earth Engine API GA GA n/a n/a
Identity and Access Management (IAM) GA GA n/a n/a
Identity Platform GA GA n/a n/a
Identity-Aware Proxy n/a GA n/a n/a
Infrastructure Manager GA GA n/a n/a
Integration Connectors GA GA n/a n/a
IoT Core GA GA n/a n/a
Immersive Stream for XR GA GA n/a n/a
Managed Service for Microsoft Active Directory Beta Beta n/a n/a
Memorystore for Memcached GA GA n/a n/a
Memorystore for Redis GA GA n/a n/a
Migrate to Virtual Machines GA GA n/a n/a
Network Connectivity Center GA GA n/a n/a
Organization Policy GA GA n/a GA
Policy Simulator GA GA n/a n/a
Pub/Sub GA GA GA n/a Pub/Sub does not currently write Data Access audit logs for message operations, such as Publish, Subscribe, and Acknowledge.
Pub/Sub Lite GA GA n/a n/a
Public Certificate Authority n/a Preview n/a n/a
reCAPTCHA Enterprise GA GA n/a n/a
Recommendations Beta Beta n/a n/a
Recommender GA GA n/a n/a
Resource Manager GA GA n/a n/a
Resource Settings GA GA n/a n/a
Secret Manager GA GA n/a n/a
Security Command Center GA GA GA n/a Security Command Center Settings API Admin and Data Access audit logs are in Beta. The Secured Landing Zone service is in Preview.
Security Center Management API GA n/a n/a n/a
Serverless VPC Access Beta Beta n/a n/a
Service Directory GA GA n/a n/a
Personalized Service Health n/a GA n/a n/a
Service Management GA n/a GA n/a
Service Consumer Management n/a GA n/a n/a
Service Metadata API n/a Preview n/a n/a
Service Usage n/a GA n/a n/a
Speaker ID GA GA n/a n/a The Speaker ID service is in restricted GA.
Speech-to-Text GA GA n/a n/a Only Speech-to-Text API v2 supports audit logging.
Storage Insights GA GA n/a n/a
Timeseries Insights API GA GA n/a n/a
Transcoder API n/a GA n/a n/a
Translation Hub API Preview Preview n/a n/a
Transparency and Control Center GA GA n/a n/a
Traffic Director GA GA n/a n/a
Vertex AI GA GA n/a n/a
Vertex AI Search and Conversation GA GA n/a n/a
Vertex AI Vision Preview Preview n/a n/a
Vertex AI Workbench managed notebooks GA GA n/a n/a
Vertex AI Workbench user-managed notebooks GA GA n/a n/a
Video Stitcher API n/a GA n/a n/a
Virtual Private Cloud (VPC) GA GA n/a n/a
Google Cloud VMware Engine GA GA n/a n/a
Enterprise Purchasing API GA GA n/a n/a
VPC Service Controls n/a n/a n/a GA VPC Service Controls is managed through Access Context Manager, which produces Admin Activity and Data Access audit logs.
Workflows GA GA n/a n/a
Workload Manager Preview Preview n/a n/a
Transfer Appliance Beta Beta n/a n/a
Looker (Google Cloud core) GA GA n/a n/a
Google Cloud NetApp Volumes GA GA n/a n/a
Cloud Next Generation Firewall Enterprise Preview Preview n/a n/a
Cloud Quotas GA GA n/a n/a

Google Workspace services producing audit logs

Google Workspace services
with audit logs
Admin Activity
logs
Data Access
logs
System Event
logs
Policy Denied
logs
Notes
Google Workspace Admin Audit GA n/a n/a n/a
Google Workspace Enterprise Groups Audit GA n/a n/a n/a
Google Workspace Login Audit n/a GA n/a n/a
Google Workspace OAuth Token Audit GA GA n/a n/a
Google Workspace SAML Audit n/a GA n/a n/a