Using Cloud Audit Logging with the Service Management API

This guide provides specific details for using Cloud Audit Logging with the Service Management API. You can find out more about general Cloud Audit Logging concepts and tasks in Cloud Audit Logging.

Logged information

There are two types of audit logs within Cloud Audit Logging:

  • Admin activity logs are entries for operations that modify a service configuration.
  • Data access logs are entries for operations that:
    • Read a service configuration.
    • Create, read, or modify user-provided data.

The Service Management API only creates admin activity logs.

The following Service Management API operations generate admin activity log entries:

The Service Management API logs follow the same format as other Cloud Audit Logging logs, using the AuditLog object and contain:

  • The user who made the request, including the email address of that user.
  • The resource name on which the request was made.
  • The outcome of the request.

Log settings

Admin activity is logged by default, and does not count towards your log ingestion quota.

Log access

Permissions

The following users can view admin activity logs:

Viewing logs

You can view the Cloud Audit Logging logs for your service producer project in the Activity Stream on the Google Cloud Platform Console, as well as more detailed logs in the Logs Viewer. Further instructions on filtering logs in the Logs Viewer can be found in the Cloud Audit Logging documentation.

If desired, you can also export logs.

Was this page helpful? Let us know how we did:

Send feedback about...

Service Infrastructure