Audit Logging in Google Cloud Platform

From Luis Gallego Hurtado - Not Another IT guy
Jump to: navigation, search

Audit logging includes the following types of logging:

  • Admin activity
  • System events
  • Data access

Admin Activity

Audit logging is always enabled for admin activity, e.g. any cloud resource is created/deleted/updated, permissions are changed, etc.

Retention is 400 days.

System Events

Audit logging is always enabled for system events e.g. live migration.

Retention is 400 days.

Data Access

Audit logging is disabled for data usage.

Retention is 30 days.

However, BigQuery logs are enabled and they cannot be disabled, but are not accountable for logs allotment.