4

I have been looking at the new BigQuery Logging feature in the Cloud Platform Console, but it seems a bit inconsistent in what is being logging.

I can see some creates, deletes, inserts and queries. However, when I did a few queries and copy jobs through the web UI they do not show up.

  1. Should activity in the BigQuery web UI also be logged?
  2. Does it differ from where the request comes from, eg. console or API access?

enter image description here

DarrenCibis
  • 865
  • 10
  • 25
  • I was reviewing the documentation and the BigQuery send automatically the logs to StackDriver, afterwards you can filter and export them. Link:https://cloud.google.com/bigquery/docs/reference/auditlogs/ – Alexandre Moraes Jan 24 '20 at 10:45

3 Answers3

4

There is no difference between console or API access. An activity in the BigQuery web UI should be logged.

Are you using Cloud Log viewer to view these logs? In some cases, there might be a few secs delay when these logs show up in the log viewer. And you might have to refresh the logs.

Nitin Sharma
  • 56
  • 1
  • 2
  • I am using the web UI to view the logs(Image above). In the case of deleting tables(Web UI) I can see that they are coming up within 20 seconds. In the case of queries and copy jobs(Web UI) I could not see any records even when checking the next day. – DarrenCibis Dec 16 '15 at 22:18
  • Could you confirm that you are have selected the Log Viewer project that was used to issue the query in Log Viewer? If yes, would you mind sharing your project information? – Nitin Sharma Dec 16 '15 at 23:04
  • 1
    Can share a project_id:job_id that has this problem? You can PM me this information – Nitin Sharma Dec 16 '15 at 23:18
  • Hi, Yes I have selected the same project in the log viewer as I used to run the query. – DarrenCibis Dec 17 '15 at 23:26
  • Here is a query I did this morning from the web UI gdfp-7415:job_TerS-wDqE8-5YGOftZljWBydiSI It is not showing up in Logs Viewer – DarrenCibis Dec 17 '15 at 23:39
  • 1
    You need to be the member of project-owner group to view data_access events in the Log viewer. Could you reach out to project owner and confirm that your project is receiving data_access audit logs? – Nitin Sharma Dec 18 '15 at 20:39
3

Logs containing information about queries are written to the Data Access log stream as opposed to the Admin Activity stream. Only users with Project Owner permissions can view the contents of the Data Access logs which might be why you aren't seeing these.

You should check with the project owner to confirm you have the right permissions to see these logs.

Joe Corkery
  • 2,564
  • 3
  • 18
  • 26
1

To view the Data Access audit logs, you must have the Cloud IAM roles Logging/Private Logs Viewer or Project/Owner. I had similar issue recently and after enabling the Logging/Private Logs Viewer I was able to see the logs

SunnyRD
  • 21
  • 4