Audit Trails Events: CreateTrail
- Event JSON schema
- Field description
- IamAuthentication
- IamTokenInfo
- Authorization
- ResourceMetadata
- Resource
- RequestMetadata
- Status
- EventDetails
- Destination
- ObjectStorage
- CloudLogging
- DataStream
- EventRouter
- PathFilter
- PathFilterElement
- PathFilterElementAny
- Resource
- PathFilterElementSome
- EventFilter
- EventFilterElement
- FilteringPolicy
- ManagementEventsFiltering
- DataEventsFiltering
- EventTypes
Event JSON schema
{
"eventId": "string",
"eventSource": "string",
"eventType": "string",
"eventTime": "string",
"authentication": {
"authenticated": "boolean",
"subjectType": "string",
"subjectId": "string",
"subjectName": "string",
"federationId": "string",
"federationName": "string",
"federationType": "string",
"tokenInfo": {
"maskedIamToken": "string",
"iamTokenId": "string",
"impersonatorId": "string",
"impersonatorType": "string",
"impersonatorName": "string",
"impersonatorFederationId": "string",
"impersonatorFederationName": "string",
"impersonatorFederationType": "string"
}
},
"authorization": {
"authorized": "boolean"
},
"resourceMetadata": {
"path": [
{
"resourceType": "string",
"resourceId": "string",
"resourceName": "string"
}
]
},
"requestMetadata": {
"remoteAddress": "string",
"userAgent": "string",
"requestId": "string",
"remotePort": "string"
},
"eventStatus": "string",
"error": {
"code": "integer",
"message": "string",
"details": [
"object"
]
},
"details": {
"trailId": "string",
"trailName": "string",
"destination": {
// Includes only one of the fields `objectStorage`, `cloudLogging`, `dataStream`, `eventrouter`
"objectStorage": {
"bucketId": "string",
"objectPrefix": "string"
},
"cloudLogging": {
// Includes only one of the fields `logGroupId`, `folderId`
"logGroupId": "string",
"folderId": "string"
// end of the list of possible fields
},
"dataStream": {
"databaseId": "string",
"streamName": "string",
"codec": "string"
},
"eventrouter": {
"eventrouterConnectorId": "string"
}
// end of the list of possible fields
},
"serviceAccountId": "string",
"status": "string",
"pathFilter": {
"root": {
// Includes only one of the fields `anyFilter`, `someFilter`
"anyFilter": {
"resource": {
"id": "string",
"type": "string"
}
},
"someFilter": {
"resource": {
"id": "string",
"type": "string"
},
"filters": [
"object"
]
}
// end of the list of possible fields
}
},
"eventFilter": {
"dataplaneFilters": [
{
"service": "string"
}
]
},
"filteringPolicy": {
"managementEventsFilter": {
"resourceScopes": [
{
"id": "string",
"type": "string"
}
]
},
"dataEventsFilters": [
{
"service": "string",
// Includes only one of the fields `includedEvents`, `excludedEvents`
"includedEvents": {
"eventTypes": [
"string"
]
},
"excludedEvents": {
"eventTypes": [
"string"
]
},
// end of the list of possible fields
"resourceScopes": [
{
"id": "string",
"type": "string"
}
]
}
]
},
"description": "string",
"labels": "object"
},
"requestParameters": "object",
"response": "object"
}
Field description
|
Field |
Description |
|
eventId |
string |
|
eventSource |
string |
|
eventType |
string |
|
eventTime |
string (date-time) String in RFC3339 text format. The range of possible values is from To work with values in this field, use the APIs described in the |
|
authentication |
|
|
authorization |
|
|
resourceMetadata |
|
|
requestMetadata |
|
|
eventStatus |
enum (EventStatus)
|
|
error |
The error result of the operation in case of failure or cancellation. |
|
details |
|
|
requestParameters |
object |
|
response |
object |
IamAuthentication
|
Field |
Description |
|
authenticated |
boolean |
|
subjectType |
enum (IamSubjectType)
|
|
subjectId |
string |
|
subjectName |
string |
|
federationId |
string |
|
federationName |
string |
|
federationType |
enum (FederationType)
|
|
tokenInfo |
IamTokenInfo
|
Field |
Description |
|
maskedIamToken |
string |
|
iamTokenId |
string |
|
impersonatorId |
string |
|
impersonatorType |
enum (IamSubjectType)
|
|
impersonatorName |
string |
|
impersonatorFederationId |
string |
|
impersonatorFederationName |
string |
|
impersonatorFederationType |
enum (FederationType)
|
Authorization
|
Field |
Description |
|
authorized |
boolean |
ResourceMetadata
|
Field |
Description |
|
path[] |
Resource
|
Field |
Description |
|
resourceType |
string |
|
resourceId |
string |
|
resourceName |
string |
RequestMetadata
|
Field |
Description |
|
remoteAddress |
string |
|
userAgent |
string |
|
requestId |
string |
|
remotePort |
string (int64) |
Status
The error result of the operation in case of failure or cancellation.
|
Field |
Description |
|
code |
integer (int32) Error code. An enum value of google.rpc.Code. |
|
message |
string An error message. |
|
details[] |
object A list of messages that carry the error details. |
EventDetails
|
Field |
Description |
|
trailId |
string |
|
trailName |
string |
|
destination |
|
|
serviceAccountId |
string |
|
status |
enum (TrailStatus)
|
|
pathFilter |
|
|
eventFilter |
|
|
filteringPolicy |
|
|
description |
string The maximum string length in characters is 1024. |
|
labels |
object (map<string, string>) No more than 64 per resource. The maximum string length in characters for each value is 63. Each value must match the regular expression |
Destination
|
Field |
Description |
|
objectStorage |
Includes only one of the fields |
|
cloudLogging |
Includes only one of the fields |
|
dataStream |
Includes only one of the fields |
|
eventrouter |
Includes only one of the fields |
ObjectStorage
|
Field |
Description |
|
bucketId |
string |
|
objectPrefix |
string |
CloudLogging
|
Field |
Description |
|
logGroupId |
string Includes only one of the fields |
|
folderId |
string Includes only one of the fields |
DataStream
|
Field |
Description |
|
databaseId |
string |
|
streamName |
string |
|
codec |
enum (Codec)
|
EventRouter
|
Field |
Description |
|
eventrouterConnectorId |
string |
PathFilter
|
Field |
Description |
|
root |
PathFilterElement
|
Field |
Description |
|
anyFilter |
Includes only one of the fields |
|
someFilter |
Includes only one of the fields |
PathFilterElementAny
|
Field |
Description |
|
resource |
Resource
|
Field |
Description |
|
id |
string The maximum string length in characters is 64. |
|
type |
string The maximum string length in characters is 50. |
PathFilterElementSome
|
Field |
Description |
|
resource |
|
|
filters[] |
The number of elements must be greater than 0. |
EventFilter
|
Field |
Description |
|
dataplaneFilters[] |
The minimum number of elements is 0. |
EventFilterElement
|
Field |
Description |
|
service |
string |
FilteringPolicy
|
Field |
Description |
|
managementEventsFilter |
|
|
dataEventsFilters[] |
The number of elements must be less than 128. |
ManagementEventsFiltering
|
Field |
Description |
|
resourceScopes[] |
The number of elements must be in the range 1-1024. |
DataEventsFiltering
|
Field |
Description |
|
service |
string |
|
includedEvents |
Includes only one of the fields |
|
excludedEvents |
Includes only one of the fields |
|
resourceScopes[] |
The number of elements must be in the range 1-1024. |
EventTypes
|
Field |
Description |
|
eventTypes[] |
string The number of elements must be in the range 1-1024. |