Domain 5.3: Viewing audit logs — GCP ACE Practice Question 50

How to approach this question

Understand how to export logs for long-term retention in GCP.

Full Answer

To retain logs beyond the default retention period of Cloud Logging, you must export them. You do this by creating a Log Sink (a router). The sink uses a filter to select the logs you want (Data Access logs) and routes them to a supported destination. For long-term, 3-year compliance retention, a Cloud Storage bucket (often using the Archive storage class) is the most cost-effective and standard destination.

Common mistakes

Thinking you can just change a setting to keep logs for 3 years in Cloud Logging. While custom retention is possible, it is very expensive compared to exporting to Cloud Storage.

Your compliance department requires that all Data Access audit logs be retained for 3 years. Cloud Logging only retains these logs for 30 days by default.

Which TWO actions should you take to meet this compliance requirement? (Select TWO)

How to approach this question

Full Answer

Common mistakes

Practice the full GCP Associate Cloud Engineer Practice Exam 7

More questions from this exam

Your compliance department requires that all Data Access audit logs be retained for 3 years. Cloud Logging only retains these logs for 30 days by default. Which TWO actions should you take to meet this compliance requirement? (Select TWO)

How to approach this question

Full Answer

Common mistakes

Practice the full GCP Associate Cloud Engineer Practice Exam 7

More questions from this exam

Your compliance department requires that all Data Access audit logs be retained for 3 years. Cloud Logging only retains these logs for 30 days by default.

Which TWO actions should you take to meet this compliance requirement? (Select TWO)