This page provides information on the Google Cloud and Google Workspace services that write audit logs. For an overview of what audit logs are and what each type of audit log means, see Cloud Audit Logs.
In the following tables GA indicates that a log type is Generally Available for a service; Beta or Preview indicate that a log type is available, but might be changed in backward-incompatible ways and isn't subject to any SLA or deprecation policy. To indicate that a log type isn't available, n/a (not applicable) is used.
For an overview of how audit logs are formatted, see
the AuditLog
page.
Google Cloud services producing audit logs
Google Cloud services with audit logs |
Admin Activity logs |
Data Access logs |
System Event logs |
Policy Denied logs |
Notes |
---|---|---|---|---|---|
Access Approval | GA | n/a | n/a | n/a | |
Access Context Manager | GA | GA | n/a | n/a | |
API Gateway | GA | GA | n/a | n/a | |
AI Platform Notebooks | GA | GA | n/a | n/a | |
AI Platform Vizier | Beta | Beta | n/a | n/a | |
AI Platform Prediction | Beta | Beta | n/a | n/a | |
AI Platform Training | Beta | Beta | n/a | n/a | |
AI Platform (Unified) | Beta | Beta | n/a | n/a | |
Anthos Service Mesh | GA | Preview | n/a | n/a | |
App Engine | GA | n/a | n/a | n/a | |
Application Identity | Beta | n/a | n/a | n/a | Audits OAuth 2.0 client IDs and brands. |
Assured Workloads for Government | Beta | Beta | n/a | n/a | |
AutoML | Beta | Beta | n/a | n/a | |
BigQuery | GA | GA | GA | n/a | BigQuery Data Access audit logs are enabled by default and don't count against your logs allotment. |
BigQuery Data Transfer Service | Preview | Preview | n/a | n/a | |
Cloud Bigtable | GA | GA | n/a | n/a | |
Cloud Billing | Beta | n/a | n/a | n/a | Data Access audit logs aren't written for this service. |
Cloud Build | GA | GA | n/a | n/a | |
Cloud CDN | GA | GA | n/a | n/a | |
Certificate Authority Service | Beta | Beta | n/a | n/a | |
Cloud Composer | GA | GA | n/a | n/a | |
Cloud Data Fusion | Beta | Beta | n/a | n/a | |
Database Migration Service | GA | n/a | n/a | n/a | |
Cloud Data Loss Prevention | GA | GA | n/a | n/a | |
Cloud Debugger | GA | GA | n/a | n/a | |
Cloud Deployment Manager | GA | GA | n/a | n/a | |
Cloud DNS | GA | GA | n/a | n/a | |
Cloud Domains | Beta | Beta | n/a | n/a | |
Cloud Functions | GA | GA | n/a | n/a | |
Workflows | GA | GA | n/a | n/a | |
Cloud Healthcare API | GA | GA | n/a | n/a | |
Identity and Access Management (IAM) | GA | GA | n/a | n/a | |
Cloud Key Management Service | GA | GA | n/a | n/a | |
Cloud Life Sciences | Beta | Beta | n/a | n/a | |
Cloud Load Balancing | GA | GA | n/a | n/a | |
Cloud Logging | GA | GA | n/a | n/a | |
Cloud Monitoring | GA | GA | n/a | n/a | |
Cloud NAT | GA | GA | n/a | n/a | |
Cloud Profiler | n/a | GA | n/a | n/a | |
Cloud Run | Beta | Beta | n/a | n/a | |
Cloud Source Repositories | GA | GA | n/a | n/a | |
Cloud Spanner | GA | GA | n/a | n/a | |
Cloud SQL | GA | GA | n/a | n/a | |
Cloud Storage | GA | GA | n/a | n/a | Does not include request/response information. If an object ACL is set to public, audit logs are not generated for reads or writes to that object or its ACL. |
Cloud Trace | n/a | GA | n/a | n/a | |
Cloud Translation | GA | GA | n/a | n/a | |
Cloud Vision | GA | n/a | n/a | n/a | |
Compute Engine | GA | GA | GA | n/a | |
Compute Engine | GA | n/a | n/a | n/a | |
Connectivity Tests | GA | GA | n/a | n/a | |
Container Analysis | GA | GA | n/a | n/a | |
Dataflow | GA | n/a | n/a | n/a | |
Dataproc | GA | GA | n/a | n/a | |
Dataproc Metastore | GA | GA | n/a | n/a | |
Datastore | GA | GA | n/a | n/a | Audits requests to start managed import or export operations. Audit doesn't include entity-specific read/write logs for those operations. |
Data Catalog | Beta | Beta | n/a | n/a | |
Dialogflow | GA | GA | n/a | n/a | |
Early Access Center | n/a | GA | n/a | n/a | |
Error Reporting | GA | GA | n/a | n/a | |
Eventarc | Beta | Beta | n/a | n/a | |
Firebase Management | Beta | Beta | n/a | n/a | |
Firebase Notifications Console | n/a | GA | n/a | n/a | |
Firestore | GA | GA | n/a | n/a | Audits requests to start managed import or export operations. Audit doesn't include entity-specific read/write logs for those operations. |
Game Servers | GA | GA | n/a | n/a | |
Google Cloud Armor | GA | GA | n/a | n/a | |
Google Kubernetes Engine | GA | GA | n/a | n/a | |
Google Workspace Add-ons API | GA | n/a | n/a | n/a | |
Identity Platform | GA | GA | n/a | n/a | |
Identity-Aware Proxy | n/a | GA | n/a | n/a | |
IoT Core | GA | GA | n/a | n/a | |
Managed Service for Microsoft Active Directory | Beta | Beta | n/a | n/a | |
Memorystore | Beta | Beta | n/a | n/a | |
Organization Policy | GA | GA | n/a | n/a | |
Pub/Sub | GA | n/a | GA | n/a | |
Pub/Sub Lite | GA | GA | n/a | n/a | |
reCAPTCHA Enterprise | GA | GA | n/a | n/a | |
Recommendations AI | Beta | Beta | n/a | n/a | |
Resource Manager | GA | GA | n/a | n/a | |
Secret Manager | GA | GA | n/a | n/a | |
Security Command Center | GA | GA | n/a | n/a | Security Command Center Settings API Admin, Data access Audit logs, and Container Threat Detection are in Beta. |
Serverless VPC Access | Beta | Beta | n/a | n/a | |
Service Directory | GA | GA | n/a | n/a | |
Service Management | GA | n/a | GA | n/a | |
Transparency and Control Center | GA | GA | n/a | n/a | |
Virtual Private Cloud (VPC) | GA | GA | n/a | n/a | |
VPC Service Controls | n/a | n/a | n/a | GA | VPC Service Controls is managed through Access Context Manager, which produces Admin Activity and Data Access audit logs. |
Google Workspace services producing audit logs
Google Workspace services with audit logs |
Admin Activity logs |
Data Access logs |
System Event logs |
Policy Denied logs |
Notes |
---|---|---|---|---|---|
Google Workspace Admin Activities | GA | n/a | n/a | n/a | |
Google Workspace Login Audit Activities | n/a | GA | n/a | n/a | |
Google Workspace Enterprise Groups Audit Activities | GA | n/a | n/a | n/a | |
For additional context, review the Google Workspace Admin Help article.