ExpertMedium1 markMultiple Choice
GCP ACE · Question 49 · Domain 5.3: Viewing audit logs
You are using the Logs Explorer in the Google Cloud Console. You want to write a query to filter the logs so that you ONLY see Admin Activity audit logs related to Compute Engine instances.
Which query filter should you use?
You are using the Logs Explorer in the Google Cloud Console. You want to write a query to filter the logs so that you ONLY see Admin Activity audit logs related to Compute Engine instances.
Which query filter should you use?
Answer options:
A.
logName="projects/[PROJECT_ID]/logs/cloudaudit.googleapis.com%2Factivity" AND resource.type="gce_instance"
B.
logName="syslog" AND resource.type="gce_instance"
C.
severity=ERROR AND resource.type="gce_instance"
D.
resource.type="audit_log" AND service="compute.googleapis.com"
How to approach this question
Identify the specific `logName` used for Admin Activity logs and the `resource.type` for Compute Engine.
Full Answer
A.`logName="projects/[PROJECT_ID]/logs/cloudaudit.googleapis.com%2Factivity" AND resource.type="gce_instance"`✓ Correct
logName="projects/[PROJECT_ID]/logs/cloudaudit.googleapis.com%2Factivity" AND resource.type="gce_instance"
In Cloud Logging, Admin Activity audit logs are stored under the log name `cloudaudit.googleapis.com/activity`. To narrow the search to only Compute Engine VMs, you add a filter for the resource type `gce_instance`. Combining these gives you exactly the administrative actions performed on VMs.
Common mistakes
Confusing OS logs (`syslog`) with GCP API audit logs.
Practice the full GCP Associate Cloud Engineer Practice Exam 5
50 questions · hints · full answers · grading
More questions from this exam
Q01You are starting a new initiative and need to create a new Google Cloud project using the command...EasyQ02A developer on your team needs to manage App Engine applications, including deploying new version...MediumQ03You have created a new Google Cloud project. You need to allow a specific group of developers to ...MediumQ04Which statement best describes the relationship between Google Cloud projects and billing accounts?EasyQ05Your company wants to be notified immediately in their Slack channel whenever their monthly Googl...Medium