[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-29 UTC."],[[["\u003cp\u003eThis section outlines the various original sources that capture audit logs.\u003c/p\u003e\n"],["\u003cp\u003eAudit logs are captured from GKE Identity Service, Kubernetes, Observability logger, and Service Mesh Envoy.\u003c/p\u003e\n"],["\u003cp\u003eSystem logging protocol (syslog) is also an original source for audit logs.\u003c/p\u003e\n"]]],[],null,["# Audit log sources\n\nThis section contains information about the following original sources that\ncapture audit logs:\n\n- [GKE Identity Service audit logs](/distributed-cloud/hosted/docs/latest/gdch/platform-application/pa-ao-operations/audit-ais-logs)\n- [Kubernetes audit logs](/distributed-cloud/hosted/docs/latest/gdch/platform-application/pa-ao-operations/audit-kubernetes)\n- [Observability audit logger](/distributed-cloud/hosted/docs/latest/gdch/platform-application/pa-ao-operations/audit-observability-logger)\n- [Service Mesh Envoy access logs](/distributed-cloud/hosted/docs/latest/gdch/platform-application/pa-ao-operations/audit-service-mesh-envoy)\n- [System logging protocol (syslog) audit logs](/distributed-cloud/hosted/docs/latest/gdch/platform-application/pa-ao-operations/audit-syslog)"]]
