Stay organized with collections
Save and categorize content based on your preferences.
Backups ensure that audit logs are preserved even if the original data is lost
or corrupted, helping meet requirements and letting you recover information in
case of system failures or accidental deletions. Restored audit logs provide
access to historical data, enabling analysis of past events, security incidents,
and user activity.
Implementing a backup and restore process for audit logs is beneficial for
maintaining data integrity, ensuring compliance, and enabling historical
analysis.
You can secure audit logs from your Google Distributed Cloud (GDC) air-gapped environment
in remote backup buckets to preserve and restore data when necessary. This
process is handled by Infrastructure Operators (IOs) who install and configure
the necessary components to recover historical audit logs from those backups.
Identify the source bucket
You must identify the source GDC bucket that contains
the original audit logs you want to secure.
To get the permissions you need to view platform audit logs buckets, ask your
Organization IAM Admin to grant you the Audit Logs Platform Bucket Viewer
(audit-logs-platform-bucket-viewer) role in the Management API server in the
audit-logs-loki-pa-buckets namespace.
You must share with the IO the name and endpoint of the bucket that contains the
logs you want to secure. To learn how to view bucket configurations, see
List and view storage bucket configurations.
Contact your IO to create a backup and restore audit logs
To request a backup and restore process for audit logs, contact your
Infrastructure Operator (IO) and provide them with the backup bucket's endpoint
and access credentials. You are responsible for ensuring the IO gets these
permissions upon request.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-29 UTC."],[[["\u003cp\u003eBacking up audit logs is crucial for data preservation, compliance, and historical analysis in case of data loss or system failures.\u003c/p\u003e\n"],["\u003cp\u003eInfrastructure Operators (IOs) are responsible for the installation and configuration of backup and restore processes for audit logs from Google Distributed Cloud (GDC) air-gapped environments.\u003c/p\u003e\n"],["\u003cp\u003eYou need the \u003ccode\u003eaudit-logs-platform-bucket-viewer\u003c/code\u003e role to view platform audit log buckets, which is granted by the Organization IAM Admin in the Management API server.\u003c/p\u003e\n"],["\u003cp\u003eTo initiate a backup and restore process, you must identify the source bucket containing the audit logs and provide the IO with its name and endpoint, and ensure they have access credentials.\u003c/p\u003e\n"]]],[],null,["# Secure and restore audit logs\n\nBackups ensure that audit logs are preserved even if the original data is lost\nor corrupted, helping meet requirements and letting you recover information in\ncase of system failures or accidental deletions. Restored audit logs provide\naccess to historical data, enabling analysis of past events, security incidents,\nand user activity.\n\nImplementing a backup and restore process for audit logs is beneficial for\nmaintaining data integrity, ensuring compliance, and enabling historical\nanalysis.\n\nYou can secure audit logs from your Google Distributed Cloud (GDC) air-gapped environment\nin remote backup buckets to preserve and restore data when necessary. This\nprocess is handled by Infrastructure Operators (IOs) who install and configure\nthe necessary components to recover historical audit logs from those backups.\n\nIdentify the source bucket\n--------------------------\n\nYou must identify the source GDC bucket that contains\nthe original audit logs you want to secure.\n\nTo get the permissions you need to view platform audit logs buckets, ask your\nOrganization IAM Admin to grant you the Audit Logs Platform Bucket Viewer\n(`audit-logs-platform-bucket-viewer`) role in the Management API server in the\n`audit-logs-loki-pa-buckets` namespace.\n\nYou must share with the IO the name and endpoint of the bucket that contains the\nlogs you want to secure. To learn how to view bucket configurations, see\n[List and view storage bucket configurations](/distributed-cloud/hosted/docs/latest/gdch/platform/pa-user/list-view-storage-buckets).\n\nContact your IO to create a backup and restore audit logs\n---------------------------------------------------------\n\nTo request a backup and restore process for audit logs, contact your\nInfrastructure Operator (IO) and provide them with the backup bucket's endpoint\nand access credentials. You are responsible for ensuring the IO gets these\npermissions upon request.\n\nTo learn how to grant access, see [Grant and revoke access](/distributed-cloud/hosted/docs/latest/gdch/platform/pa-user/iam/set-up-role-bindings)."]]
