image
Viewing and Exporting Audit Logs

Contents

Course Introduction
1
Introduction
PREVIEW1m 30s
Course Conclusion
8
Conclusion
1m 9s

The course is part of this learning path

Monitoring and Alerting with GCP - Level 2
2
Start course
Overview
Difficulty
Intermediate
Duration
22m
Students
103
Ratings
5/5
starstarstarstarstar
Description

This course looks at how to use and manage cloud logging on the GCP platform and includes demos from GCP that you can follow along with.

We'll cover writing and listing log entries using gcloud, how you can use the API Explorer to list log entries, and how you can view logs and query log entries using Logs Explorer. We'll then move on to cloud audit logs including an overview of the different types of logs, as well as looking at audit log retention, and how you can view audit logs and export audit logs.

Learning Objectives

  • Write and list log entries with gcloud
  • List log entries using API explorer
  • View logs in the Logs Explorer
  • Learn how to view, export, and retain audit logs

Intended Audience

This course is intended for anyone who wants to learn how to use and manage cloud logging on the GCP platform.

Prerequisites

To get the most out of this course, you should already have a basic understanding of GCP and know your way around the platform.

Transcript

Welcome to viewing and exporting audit logs. In this lecture, we are going to touch on ways you can view and export audit logs in GCP.

Before you can view audit logs, you need to know the identifier of either the Cloud project in GCP, the folder, or the organization you wish to view audit logging information for. You can also specify certain fields, like resource.type, when you need specific details.

The table on your screen shows the different audit log names that are available. In this example, we can see logs for a specific project ID, logs for a specific folder, and logs for an organization.

There are several ways you can view audit log entries. For example, if you need to view logs for a project, you can use Logs Explorer. If you need to view logs for a folder or an organization, you can use gcloud or the Logging API.

If you need to export audit log entries, you can do so in a few different ways. For example, if you wish to export audit log entries outside of Logging, you’ll need to create a logs sink, and then give the sink a query that specifies which audit log types need to be exported. 

You can use aggregated sinks to export audit log entries for an organization, a folder, or for a billing account.

To read more about logs sinks and aggregated sinks, visit the URLs that you see on your screen:

Logs Sinks

Aggregated Sinks

Join me in the next lesson, where we will talk a little bit about audit log retention.

 

 

About the Author
Avatar
Thomas Mitchell
Instructor
Students
82339
Courses
86
Learning Paths
62

Tom is a 25+ year veteran of the IT industry, having worked in environments as large as 40k seats and as small as 50 seats. Throughout the course of a long an interesting career, he has built an in-depth skillset that spans numerous IT disciplines. Tom has designed and architected small, large, and global IT solutions.

In addition to the Cloud Platform and Infrastructure MCSE certification, Tom also carries several other Microsoft certifications. His ability to see things from a strategic perspective allows Tom to architect solutions that closely align with business needs.

In his spare time, Tom enjoys camping, fishing, and playing poker.

Covered Topics

ComplianceManagementSecurityMonitoringGoogle Cloud PlatformSecurity for GoogleMonitoring for GoogleManagement for GoogleGoogle Cloud Logging