Skip to main content

Hi there!

Since my organization's GCP log explorer events are directly ingested to Secops platform, I am trying to look for resource.type="audited_resources" events in secops. However looks like everything changed after parsing and now I am unable to find respective logs on SIEM, does anyone has any experience with this, can help?

That's a broad query, something like this will get you started, but you'll want to narrow your results further based on what you are looking for.


 


metadata.log_type = "GCP_CLOUDAUDIT"
metadata.product_name = "Google Cloud Platform"

 

Reply


Terms & ConditionsCookie settings
Privacy Policy Terms of Service Gen AI Policy Community Guidelines Cookie Settings

© 2025 Google. All rights reserved.