Google Cloud access logs are a valuable tool for diagnosing problems.
You can view the access logs in the
Logs Explorer. To view logs for
troubleshooting security gateway problems,
configure Data Access audit logs for the BeyondCorp Enterprise API.
End user access
Google Cloud access logs provide valuable insights into user access patterns and can help you troubleshoot access denial errors. These logs record both successful and denied access attempts, offering a comprehensive view of user interactions with your applications. In cases of denied access, the logs include detailed information about the reasons for denial, such as the specific access levels that were not met.
The logs also contain metadata, such as timestamps, user identities, and resource details, providing further context for analysis and troubleshooting. To filter the logs relevant to security gateway access, use the following filter:
resource.type="audited_resource"
resource.labels.method="AuthorizeUser"
resource.labels.service="beyondcorp.googleapis.com"
Security gateway resource issues
If you encounter issues while managing security gateway resources, such as during creation, updating, or deletion, you can view the logs relevant to security gateway resource management by using the following filter:
resource.type="audited_resource"
resource.labels.service="beyondcorp.googleapis.com"