Table of contents
1.
Introduction
2.
AuditLog
2.1.
Common audit log format
2.2.
Status
2.3.
AuthenticationInfo
3.
App Engine AuditData
3.1.
ApiConfigHandler
3.2.
ApiEndpointHandler
3.3.
AuditData
3.3.1.
UpdateServiceMethod
3.3.2.
UpdateServiceRequest 
3.3.3.
Service
3.3.4.
TrafficSplit
3.3.5.
CreateVersionMethod
3.3.6.
CreateVersionRequest
3.3.7.
Version
3.3.8.
CPU utilization
3.3.9.
DiskUtilization
3.3.10.
ErrorHandler
3.3.11.
Entrypoint
4.
Frequently Asked Questions
4.1.
What does the resource field of the AuthorizationInfo specifies?
4.2.
What does the numResponseItems field of the AuditLog specifies?
4.3.
What does the expiration field of the StaticFilesHandler specifies?
5.
Conclusion
Last Updated: Mar 27, 2024

Basics of Audit Logs Datatypes

Career growth poll
Do you think IIT Guwahati certified course can help you in your career?

Introduction

To record the administrative activities and accesses within the google cloud resources, the google cloud services write audit logs. They help answer "who did what, where, and when?" within the google cloud resources with the same amount of transparency as in an on-premises environment. Audit logs help the user with security, auditing, and compliance entities that monitor google cloud data and systems.In this blog, we will go through the data types of basic-level of audit logs.

AuditLog

The common audit log format that is used for Google Cloud Platform API operations is:

Common audit log format

Syntax:

{
  "serviceName": string,
  "methodName": string,
  "resourceName": string,
  "numResponseItems": string,
  "status": {
    object (Status)
  },
  "authenticationInfo": {
    object (AuthenticationInfo)
  },
  "authorizationInfo": [
    {
      object (AuthorizationInfo)
    }
  ],
  "requestMetadata": {
    object (RequestMetadata)
  },
  "request": {
    object
  },
  "response": {
    object
  },
  "metadata": {
    object
  },
  "serviceData": {
    "@type": string,
    field1: ...,
    ...
  }
}

 

Audit log format fields

Status

The status type represents a logical error model which is suitable for different programming environments, including REST APIs and RPC APIs. The status message has three parts: error code, error message, and error details.

Syntax:

{
  "code": integer,
  "message": string,
  "details": [
    {
      "@type": string,
      field1: ...,
      ...
    }
  ]
}

 

Status fields

AuthenticationInfo

Syntax:

{
  "principalEmail": string,
  "authoritySelector": string,
  "principalSubject": string
}

 

Authentication Info Fields

App Engine AuditData

Now, let's look at Api Config Handler:

ApiConfigHandler

Syntax:

{
  "authFailAction": enum(AuthFailAction),
  "login": enum(LoginRequirement),
  "script": string,
  "securityLevel": enum(SecurityLevel),
  "url": string
}

 

Api Config Handler fields

ApiEndpointHandler

It uses the google cloud endpoints for handling the requests.

Syntax:

{
  "scriptPath": string
}

 

Api Endpoint Handler fields

AuditData

The App engine admin services the audit logs.

Syntax:

{
  // Union field method can be only one of the following:
  "updateService": {
    object(UpdateServiceMethod)
  },
  "createVersion": {
    object(CreateVersionMethod)
  }
  // End of list of possible types for union field method.
}

Audit Data Fields


UpdateServiceMethod

It gives detailed information about the services.patch call.

Syntax:

{
  "request": {
    object(UpdateServiceRequest)
  }
}


UpdateServiceRequest 

It is used to request messages for Services.UpdateService.

Syntax:

{
  "name": string,
  "service": {
    object(Service)
  },
  "updateMask": string,
  "migrateTraffic": boolean
}

 

Update Service Request fields


Service

A Service resource is defined as a logical component of an application that has the capability of sharing the state and communicating in a secure fashion with the other services. Suppose an application that handles customer requests might also include separate services to handle other tasks like backend data analysis or API requests from mobile devices. Each service contains a collection of versions that define a specific set of code that is to be used to implement the functionality of that service.

Syntax:

{
  "name": string,
  "id": string,
  "split": {
    object(TrafficSplit)
  }
}

 

Service fields


TrafficSplit

It is used to define the traffic routing configuration for versions within a single service. It defines how the traffic directed to the service is assigned to the versions.

Syntax:

{
  "shardBy": enum(ShardBy),
  "allocations": {
    string: number,
    ...
  }
}

 

Traffic Split fields


CreateVersionMethod

It provides detailed information about the versions. create call.

Syntax:

{
  "request": {
    object(CreateVersionRequest)
  }
}

 

Create Version Method


CreateVersionRequest

It requests messages for the Versions.CreateVersion.

Syntax:

{
  "parent": string,
  "version": {
    object(Version)
  }
}

 

Create Version Request


Version

The version resource contains a set of source code and configuration files that are deployed into service. 
 

Version fields


CPU utilization

It defines target scaling by CPU usage

Syntax:

{
  "aggregationWindowLength": string,
  "targetUtilization": number
}

 

CPU utilization


DiskUtilization

It defines the target scaling by disk usage. It is only applicable in the App Engine flexible environment.

Syntax:

{
  "targetWriteBytesPerSecond": number,
  "targetWriteOpsPerSecond": number,
  "targetReadBytesPerSecond": number,
  "targetReadOpsPerSecond": number
}

 

DiskUtilization


ErrorHandler

It is a custom static error page that is to be served when an error occurs.

Syntax:

{
  "errorCode": enum(ErrorCode),
  "staticFile": string,
  "mimeType": string
}

 

ErrorHandler
EndpointsApiService

It provides the tooling for the serving open API and gRPC endpoints through NGINX proxy. It is only valid for App Engine Flexible environment deployments. Here the fields refer to the name and configuration ID of the "service" resource in the Service Management API.

Syntax:

{
  "name": string,
  "configId": string,
  "rolloutStrategy": enum(RolloutStrategy),
  "disableTraceSampling": boolean
}

 

EndpointsApiService


Entrypoint

It represents the entrypoint for the application

Syntax:

{
  "shell": string
}

Frequently Asked Questions

What does the resource field of the AuthorizationInfo specifies?

The resource field specifies which resource is being accessed.

What does the numResponseItems field of the AuditLog specifies?

The numResponseItems represents the number of items that are returned from a List or Query API method.

What does the expiration field of the StaticFilesHandler specifies?

It is the duration by which the web proxies and browsers should cache the static files.

Conclusion

In this article, we have extensively discussed the basics of Audit logs Datatype in GCP.

After reading about the basics of Audit logs Datatype in GCP, are you not feeling excited to read/explore more articles on Google Cloud? Don't worry; Coding Ninjas has you covered. To learn about GCP certification: Google Cloud Platform, the difference between AWS, Azure & Google Cloud, and which platform is best: AWS vs. Google Cloud.

If you wish to enhance your skills in Data Structures and AlgorithmsCompetitive ProgrammingJavaScript, etc., you should check out our Guided path column at Coding Ninjas Studio. We at Coding Ninjas Studio organize many contests in which you can participate. You can also prepare for the contests and test your coding skills by giving the mock test series available. In case you have just started the learning process, and your dream is to crack major tech giants like Amazon, Microsoft, etc., then you should check out the most frequently asked problems and the interview experiences of your seniors that will surely help you in landing a job in your dream company. 

Do upvote if you find the blogs helpful.

Happy Learning!

Live masterclass