Cloud Logging field definitions

After you enable Cloud Audit Logs, the Google Cloud console logging explorer records the contents of the following categories:

  • AuditLog proto
  • API-level log

Enable and view

Cloud Audit Logs allow you to view administrative activities and permissions within Google Cloud resources.

Enable logging

Follow these steps to enable the logs.

  1. Navigate to the Google Cloud console, select IAM & Admin > Audit Logs.
  2. Enter the Dialogflow API filter for Data access audit logs configuration, and select the following API types: Admin read, Data read, and Data write.

View logs

You must acquire the project owner and private logs viewer IAM roles, then follow these steps to view the logs.

  1. Navigate to the Google Cloud console, then select Logging > Logs Explorer.
  2. Optional: In Logs Explorer, add a filter or adjust the timeline as preferred.
  3. Select an entry to view details.

The logging proto

Each log entry will be an instance of the AuditLog proto, which contains the following fields:

Field Type Field Name
string service_name
string method_name
string resource_name
ResourceLocation resource_location
  • current_locations
  • original_locations
google.protobuf.Struct resource_original_state
int64 num_response_items
google.rpc.Status status
AuthenticationInfo authentication_info
  • principal_email
  • principal
  • authority_selector
  • third_party_principal
  • service_account_key_name
  • service_account_delegation_info
  • service_account_delegation_session_id
  • principal_subject
  • service_delegation_history
repeated AuthorizationInfo authorization_info
  • authorization_logging_options
  • resource_attributes
  • admin_access_control_authorization_info
  • permission_type
    • ADMIN_READ
    • ADMIN_WRITE
    • DATA_READ
    • DATA_WRITE
  • impersonation_peer_borg_role
PolicyViolationInfo policy_violation_info
repeated PolicyViolationInfo policy_violations
RequestMetadata request_metadata
  • caller_ip
  • caller_supplied_user_agent
  • caller_network
  • caller_location
  • caller_region_code
  • caller_internal_gce_vnid
  • caller_gce_network_project_number
  • caller_is_gce_client
  • request_attributes
  • destination_attributes
google.protobuf.Struct request
google.protobuf.Struct response
google.protobuf.Struct metadata
bytes audit_loggable_mint
bytes loggable_ubermint
bytes audit_loggable_service_control_token
Redaction redactions
  • type
    • CLEARED
    • REPLACED
    • FAILED_TO_PROVIDE
    • NOT_REQUIRED
    • PARTIAL
  • field
  • reason

Depending on the enabled Cloud Audit Logs fields, the log explorer populates the API's request and response bodies into the request and response fields of the logging proto.

API-level logged fields

API Logged field
AnalyzeContent Request
  • participant
StreamingAnalyzeContent Request
  • participant
 Response
  • speech_model
CreateConversation Request
  • parent
  • conversation
    • conversation_profile
 Response
  • conversation_profile
  • lifecycle_state
  • name
  • start_time
CreateParticipant Request
  • parent
  • participant
    • role
 Response
  • name
  • role
SuggestConversationSummary Request
  • conversation
 Response
  • latest_message
  • answer_record
SearchKnowledge Request
  • parent
  • conversation_profile
  • conversation
  • latest_message
 Response
  • answer_record
SuggestKnowledgeAssist Request
  • parent
  • latest_message
 Response
  • latest_message
  • answer_record