Document toolboxDocument toolbox

cloud.google

Owned by Juan Tomás Alonso Nieto (Deactivated), created
Jun 06, 2023
1 min read
[ 1 Introduction ] [ 2 Valid tags and data tables  ] [ 3 Table structure ]

Introduction

The tags beginning with cloud.google identify events generated by Google.

Valid tags and data tables 

The full tag must have 3 levels. The first two are fixed as cloud.google. The third level identifies the type of events sent.

These are the valid tags and corresponding data tables that will receive the parsers' data:

Product / Service

Tags

Data tables

Product / Service

Tags

Data tables

Google logs

cloud.google.activity

cloud.google.activity

cloud.google.audit

cloud.google.audit

For more information, read more About Devo tags.

Table structure

These are the fields displayed in these tables:

cloud.google.activity

Field

Type

Source field name

Extra fields

Field

Type

Source field name

Extra fields

eventdate

timestamp

 

 

host

str

vhost

 

log

str

 

 

insert_id

str

 

 

severity

str

 

 

project_id

str

 

 

service_name

str

 

 

zone

str

 

 

resource_id

str

 

 

resource_name

str

 

 

resource_type

str

 

 

resource_zone

str

 

 

user_id

str

 

 

ip_address

str

 

 

user_agent

str

 

 

url

str

 

 

can_Ip_Forward

str

 

 

description

str

 

 

disks_auto_delete

str

 

 

disks_boot

str

 

 

disks_deviceName

str

 

 

disk_size_gb

str

 

 

Gdisk_type

str

 

 

source_image

str

 

 

disk_mode

str

 

 

disk_type

str

 

 

machine_type

str

 

 

metadata_items

str

 

 

metadata_name

str

 

 

netIfaces_accessConf_name

str

 

 

netIfaces_accessConf_type

str

 

 

netIfaces_network

str

 

 

scheduling_autoRestart

str

 

 

scheduling_onHostMaintenance

str

 

 

scheduling_preemptible

str

 

 

servAccounts_email

str

 

 

servAccounts_scopes

str

 

 

tags_items

str

 

 

tags_zone

str

 

 

operation_type

str

 

 

operation_name

str

 

 

operation_id

str

 

 

operation_zone

str

 

 

hostchain

str

 

✓

tag

str

 

✓

rawMessage

str

rawSource

✓

cloud.google.audit

Field

Type

Source field name

Extra fields

Field

Type

Source field name

Extra fields

eventdate

timestamp

 

 

host

str

vhost

 

type

str

 

 

principal_email

str

 

 

caller_ip

str

 

 

service_name

str

 

 

method_name

str

 

 

project_number

str

 

 

project_id

str

 

 

lifecycle_state

str

 

 

name

str

 

 

create_time

str

 

 

parent_type

str

 

 

parent_id

str

 

 

insert_id

str

 

 

resource_type

str

 

 

project_id_label

str

 

 

timestamp

str

 

 

severity

str

 

 

log_name

str

 

 

hostchain

str

 

✓

tag

str

 

✓

rawMessage

str

rawSource

✓