Google services with audit logs

The tables below list the Google services that write Admin Activity or Data Access audit logs. GA indicates that a log type is Generally Available for a service; Beta indicates that a log type is available, but might be changed in backward-incompatible ways and isn't subject to any SLA or deprecation policy.

Google Cloud services producing audit logs

GCP services with audit logs Admin
Activity
logs		 Data
Access
logs
Access Approval API Beta n/a1
Access Context Manager GA GA
AI Platform Beta Beta
App Engine GA n/a1
Application Identity2 Beta n/a1
AutoML Beta Beta
BigQuery3 GA GA4
Cloud Bigtable GA n/a1
Cloud Billing Beta n/a1
Cloud Build GA GA
Cloud Composer GA GA
Cloud Data Fusion Beta Beta
Cloud Data Loss Prevention GA GA
Cloud Deployment Manager GA GA
Cloud DNS GA GA
Cloud Functions GA GA
Cloud Healthcare API Beta Beta
Cloud Identity and Access Management GA GA
Cloud Key Management Service GA GA
Cloud Life Sciences Beta Beta
Cloud Run Beta Beta
Cloud Source Repositories GA GA
Cloud Spanner GA GA
Cloud SQL GA GA
Cloud Storage5 GA8 GA
Cloud Translation GA GA
Cloud Vision GA n/a1
Compute Engine3 GA GA
Compute Engine Serial Port Access GA n/a1
Container Analysis GA GA
Connectivity Tests Beta n/a1
Dataflow GA n/a1
Dataproc GA GA
Datastore GA GA6
Data Catalog Beta Beta
Dialogflow GA GA
Firebase Management Beta Beta
Firebase Notifications Console n/a7 GA
Google Kubernetes Engine GA GA
Identity Platform GA GA
Identity-Aware Proxy n/a7 GA
IoT Core GA GA
Managed Service for Microsoft Active Directory Beta Beta
Memorystore Beta Beta
Pub/Sub3 GA GA
Resource Manager GA GA
Serverless VPC Access Beta Beta
Service Management3 GA n/a1
Stackdriver Debugger GA GA
Stackdriver Error Reporting GA GA
Stackdriver Logging GA GA
Stackdriver Monitoring GA GA
Stackdriver Trace n/a7 GA
Stackdriver Profiler n/a7 GA

G Suite services producing audit logs

G Suite services with audit logs Admin
Activity
logs		 Data
Access
logs
Enterprise Groups GA n/a1

The G Suite audit log name is organizations/[ORGANIZATION_ID]/logs/cloudaudit.googleapis.com%2Factivity. G Suite audit logs use the resource type audited_resource.

For additional context, review the G Suite Admin Help article.

1: Data Access audit logs are not written for this service.
2: Audits OAuth 2.0 client IDs and brands.
3: System Event audit logs are also available for this service.
4: BigQuery Data Access audit logs are enabled by default and don't count against your logs allotment.
5: Does not include request/response information.
6: Audits requests to start managed import or export operations. Audit does not include entity-specific read/write logs for those operations.
7: Admin Activity audit logs are not written for this service.
8: If an object ACL is set to public, Admin Activity audit logs are not written for any updates to that object ACL.