Audit Trails API, REST: Trail methods
A set of methods for managing trails.
JSON Representation
{
"id": "string",
"folderId": "string",
"createdAt": "string",
"updatedAt": "string",
"name": "string",
"description": "string",
"labels": "object",
"destination": {
// `destination` includes only one of the fields `objectStorage`, `cloudLogging`, `dataStream`
"objectStorage": {
"bucketId": "string",
"objectPrefix": "string"
},
"cloudLogging": {
"logGroupId": "string"
},
"dataStream": {
"databaseId": "string",
"streamName": "string"
},
// end of the list of possible fields`destination`
},
"serviceAccountId": "string",
"status": "string",
"filter": {
"pathFilter": {
"root": {
// `filter.pathFilter.root` includes only one of the fields `anyFilter`, `someFilter`
"anyFilter": {
"resource": {
"id": "string",
"type": "string"
}
},
"someFilter": {
"resource": {
"id": "string",
"type": "string"
},
"filters": [
{
// `filter.pathFilter.root.someFilter.filters[]` includes only one of the fields `anyFilter`, `someFilter`
"anyFilter": {
"resource": {
"id": "string",
"type": "string"
}
},
"someFilter": {},
// end of the list of possible fields`filter.pathFilter.root.someFilter.filters[]`
}
]
},
// end of the list of possible fields`filter.pathFilter.root`
}
},
"eventFilter": {
"filters": [
{
"service": "string",
"categories": [
{
"plane": "string",
"type": "string"
}
],
"pathFilter": {
"root": {
// `filter.eventFilter.filters[].pathFilter.root` includes only one of the fields `anyFilter`, `someFilter`
"anyFilter": {
"resource": {
"id": "string",
"type": "string"
}
},
"someFilter": {
"resource": {
"id": "string",
"type": "string"
},
"filters": [
{
// `filter.eventFilter.filters[].pathFilter.root.someFilter.filters[]` includes only one of the fields `anyFilter`, `someFilter`
"anyFilter": {
"resource": {
"id": "string",
"type": "string"
}
},
"someFilter": {},
// end of the list of possible fields`filter.eventFilter.filters[].pathFilter.root.someFilter.filters[]`
}
]
},
// end of the list of possible fields`filter.eventFilter.filters[].pathFilter.root`
}
}
}
]
}
},
"statusErrorMessage": "string",
"cloudId": "string",
"filteringPolicy": {
"managementEventsFilter": {
"resourceScopes": [
{
"id": "string",
"type": "string"
}
]
},
"dataEventsFilters": [
{
"service": "string",
"resourceScopes": [
{
"id": "string",
"type": "string"
}
],
// `filteringPolicy.dataEventsFilters[]` includes only one of the fields `includedEvents`, `excludedEvents`
"includedEvents": {
"eventTypes": [
"string"
]
},
"excludedEvents": {
"eventTypes": [
"string"
]
},
// end of the list of possible fields`filteringPolicy.dataEventsFilters[]`
}
]
}
}
Field | Description |
---|---|
id | string ID of the trail |
folderId | string Required. ID of the folder that the trail belongs to The maximum string length in characters is 50. |
createdAt | string (date-time) Required. The timestamp for the creation operation String in RFC3339 text format. The range of possible values is from To work with values in this field, use the APIs described in the Protocol Buffers reference. In some languages, built-in datetime utilities do not support nanosecond precision (9 digits). |
updatedAt | string (date-time) Required. The timestamp of the last update operation String in RFC3339 text format. The range of possible values is from To work with values in this field, use the APIs described in the Protocol Buffers reference. In some languages, built-in datetime utilities do not support nanosecond precision (9 digits). |
name | string Name of the trail Value must match the regular expression |
description | string Description of the trail The maximum string length in characters is 1024. |
labels | object Custom labels of the trail as No more than 64 per resource. The maximum string length in characters for each key is 63. Each key must match the regular expression |
destination | object Required. Destination configuration of the trail |
destination. objectStorage |
object Configuration for event delivery to Object Storage Uploaded objects will have prefix <trail_id>/ by default destination includes only one of the fields objectStorage , cloudLogging , dataStream |
destination. objectStorage. bucketId |
string Name of the destination bucket The string length in characters must be 3-63. |
destination. objectStorage. objectPrefix |
string Prefix for exported objects. Optional If specified, uploaded objects will have prefix <object_prefix>/<trail_id>/ |
destination. cloudLogging |
object Configuration for event delivery to Cloud Logging destination includes only one of the fields objectStorage , cloudLogging , dataStream |
destination. cloudLogging. logGroupId |
string ID of the Cloud Logging destination group The maximum string length in characters is 64. |
destination. dataStream |
object Configuration for event delivery to YDS destination includes only one of the fields objectStorage , cloudLogging , dataStream |
destination. dataStream. databaseId |
string ID of the database hosting the destination YDS |
destination. dataStream. streamName |
string Name of the destination YDS |
serviceAccountId | string Service account ID of the trail The maximum string length in characters is 50. |
status | string Required. Status of the trail
|
filter | object Filtering configuration of the trail deprecated: use filtering_policy instead |
filter. pathFilter |
object Configuration of default events gathering for the trail If not specified, default events won't be gathered for the trail |
filter. pathFilter. root |
object Required. Root element of the resource path filter for the trail Resource described in that filter node must contain the trail itself |
filter. pathFilter. root. anyFilter |
object Filter element with ANY type. If used, configures the trail to gather any events from the resource filter.pathFilter.root includes only one of the fields anyFilter , someFilter |
filter. pathFilter. root. anyFilter. resource |
object Required. Resource definition |
filter. pathFilter. root. anyFilter. resource. id |
string Required. ID of the resource The maximum string length in characters is 64. |
filter. pathFilter. root. anyFilter. resource. type |
string Required. Type of the resource The maximum string length in characters is 50. |
filter. pathFilter. root. someFilter |
object Filter element with SOME type. If used, configures the trail to gather some of the events from the resource filter.pathFilter.root includes only one of the fields anyFilter , someFilter |
filter. pathFilter. root. someFilter. resource |
object Required. Definition of the resource that contains nested resources |
filter. pathFilter. root. someFilter. resource. id |
string Required. ID of the resource The maximum string length in characters is 64. |
filter. pathFilter. root. someFilter. resource. type |
string Required. Type of the resource The maximum string length in characters is 50. |
filter. pathFilter. root. someFilter. filters[] |
object Required. Filters for the resources contained in the parent resource Must contain at least one element. |
filter. pathFilter. root. someFilter. filters[]. anyFilter |
object Filter element with ANY type. If used, configures the trail to gather any events from the resource filter.pathFilter.root.someFilter.filters[] includes only one of the fields anyFilter , someFilter |
filter. pathFilter. root. someFilter. filters[]. anyFilter. resource |
object Required. Resource definition |
filter. pathFilter. root. someFilter. filters[]. anyFilter. resource. id |
string Required. ID of the resource The maximum string length in characters is 64. |
filter. pathFilter. root. someFilter. filters[]. anyFilter. resource. type |
string Required. Type of the resource The maximum string length in characters is 50. |
filter. pathFilter. root. someFilter. filters[]. someFilter |
object Filter element with SOME type. If used, configures the trail to gather some of the events from the resource filter.pathFilter.root.someFilter.filters[] includes only one of the fields anyFilter , someFilter |
filter. eventFilter |
object Required. Configuration of additional events gathering from specific services |
filter. eventFilter. filters[] |
object List of filters for services The minimum number of elements is 0. |
filter. eventFilter. filters[]. service |
string Required. Service ID of the gathered events |
filter. eventFilter. filters[]. categories[] |
object Required. List of the event categories gathered for a specified service Must contain at least one element. |
filter. eventFilter. filters[]. categories[]. plane |
string Required. Plane of the gathered category
|
filter. eventFilter. filters[]. categories[]. type |
string Required. Type of the gathered category
|
filter. eventFilter. filters[]. pathFilter |
object Required. Resource path filter for a specified service |
filter. eventFilter. filters[]. pathFilter. root |
object Required. Root element of the resource path filter for the trail Resource described in that filter node must contain the trail itself |
filter. eventFilter. filters[]. pathFilter. root. anyFilter |
object Filter element with ANY type. If used, configures the trail to gather any events from the resource filter.eventFilter.filters[].pathFilter.root includes only one of the fields anyFilter , someFilter |
filter. eventFilter. filters[]. pathFilter. root. anyFilter. resource |
object Required. Resource definition |
filter. eventFilter. filters[]. pathFilter. root. anyFilter. resource. id |
string Required. ID of the resource The maximum string length in characters is 64. |
filter. eventFilter. filters[]. pathFilter. root. anyFilter. resource. type |
string Required. Type of the resource The maximum string length in characters is 50. |
filter. eventFilter. filters[]. pathFilter. root. someFilter |
object Filter element with SOME type. If used, configures the trail to gather some of the events from the resource filter.eventFilter.filters[].pathFilter.root includes only one of the fields anyFilter , someFilter |
filter. eventFilter. filters[]. pathFilter. root. someFilter. resource |
object Required. Definition of the resource that contains nested resources |
filter. eventFilter. filters[]. pathFilter. root. someFilter. resource. id |
string Required. ID of the resource The maximum string length in characters is 64. |
filter. eventFilter. filters[]. pathFilter. root. someFilter. resource. type |
string Required. Type of the resource The maximum string length in characters is 50. |
filter. eventFilter. filters[]. pathFilter. root. someFilter. filters[] |
object Required. Filters for the resources contained in the parent resource Must contain at least one element. |
filter. eventFilter. filters[]. pathFilter. root. someFilter. filters[]. anyFilter |
object Filter element with ANY type. If used, configures the trail to gather any events from the resource filter.eventFilter.filters[].pathFilter.root.someFilter.filters[] includes only one of the fields anyFilter , someFilter |
filter. eventFilter. filters[]. pathFilter. root. someFilter. filters[]. anyFilter. resource |
object Required. Resource definition |
filter. eventFilter. filters[]. pathFilter. root. someFilter. filters[]. anyFilter. resource. id |
string Required. ID of the resource The maximum string length in characters is 64. |
filter. eventFilter. filters[]. pathFilter. root. someFilter. filters[]. anyFilter. resource. type |
string Required. Type of the resource The maximum string length in characters is 50. |
filter. eventFilter. filters[]. pathFilter. root. someFilter. filters[]. someFilter |
object Filter element with SOME type. If used, configures the trail to gather some of the events from the resource filter.eventFilter.filters[].pathFilter.root.someFilter.filters[] includes only one of the fields anyFilter , someFilter |
statusErrorMessage | string Current error message of the trail. Empty in case if the trail is active |
cloudId | string Required. ID of the cloud that the trail belongs to The maximum string length in characters is 50. |
filteringPolicy | object Event filtering policy Describes which groups of events will be sent and which resources will be monitored Combination of policies describing event filtering process of the trail At least one filed must be filled |
filteringPolicy. managementEventsFilter |
object Singular filter describing gathering management events Policy for gathering management events |
filteringPolicy. managementEventsFilter. resourceScopes[] |
object Required. A list of resources which will be monitored by the trail The number of elements must be in the range 1-1024. |
filteringPolicy. managementEventsFilter. resourceScopes[]. id |
string Required. ID of the resource The maximum string length in characters is 64. |
filteringPolicy. managementEventsFilter. resourceScopes[]. type |
string Required. Type of the resource The maximum string length in characters is 50. |
filteringPolicy. dataEventsFilters[] |
object List of filters describing gathering data events The number of elements must be less than 128. |
filteringPolicy. dataEventsFilters[]. service |
string Required. Name of the service whose events will be delivered |
filteringPolicy. dataEventsFilters[]. resourceScopes[] |
object Required. A list of resources which will be monitored by the trail The number of elements must be in the range 1-1024. |
filteringPolicy. dataEventsFilters[]. resourceScopes[]. id |
string Required. ID of the resource The maximum string length in characters is 64. |
filteringPolicy. dataEventsFilters[]. resourceScopes[]. type |
string Required. Type of the resource The maximum string length in characters is 50. |
filteringPolicy. dataEventsFilters[]. includedEvents |
object Explicitly included events of specified service New events of the service won't be delivered by default filteringPolicy.dataEventsFilters[] includes only one of the fields includedEvents , excludedEvents |
filteringPolicy. dataEventsFilters[]. includedEvents. eventTypes[] |
string Required. The number of elements must be in the range 1-1024. |
filteringPolicy. dataEventsFilters[]. excludedEvents |
object Explicitly excluded events of specified service New events of the service will be delivered by default filteringPolicy.dataEventsFilters[] includes only one of the fields includedEvents , excludedEvents |
filteringPolicy. dataEventsFilters[]. excludedEvents. eventTypes[] |
string Required. The number of elements must be in the range 1-1024. |
Methods
Method | Description |
---|---|
create | Creates a trail in the specified folder. |
delete | Deletes the specified trail. |
get | Returns the specified trail. |
list | Retrieves the list of trails in the specified folder. |
listAccessBindings | Lists existing access bindings for the specified trail. |
listOperations | Lists operations for the specified trail. |
setAccessBindings | Sets access bindings for the trail. |
update | Updates the specified trail. |
updateAccessBindings | Updates access bindings for the trail. |