FAQ: Identity Cloud audit log security

Questions

• How are Identity Cloud audit logs captured? 
• Where are Identity Cloud audit logs stored, and for how long? 
• Are audit logs backed up and kept secure?
• How can we access Identity Cloud audit logs?

How are Identity Cloud audit logs captured? 

Audit logs in Identity Cloud are captured by Google Cloud's operations suite (formerly Stackdriver) and held in Cloud Logging. The audit handler is set to Standard Output (stdout), and the logs are captured from there. 

See Cloud Logging for further information on Cloud Logging in Google Cloud's operations suite.

Where are Identity Cloud audit logs stored, and for how long? 

Identity Cloud audit logs are stored in Google's Cloud Logging for 30 days.

Are audit logs backed up and kept secure?

Yes. Backups of Identity Cloud audit data are performed by Google Cloud Platform (GCP) and kept securely by Google. The logs cannot be altered in GCP.

How can we access Identity Cloud audit logs?

Audit logs can be accessed using a REST call. See View audit and debug logs for further information.

The REST call is backed by Cloud Logging.

See Also

Does Identity Cloud include an audit logging service?

What logging sources are available in Identity Cloud?

View audit and debug logs