snaga
Reputation: 41
How to parse audit log entries from Stackdriver on GCP
I'm trying to retrieve BigQuery audit logs using Stackdriver Logging Client Libraries in Python.
According to the tutorial, the following code should be able to fetch log entries:
for entry in client.list_entries():
do_something_with(entry)
However, this iterator just returns ProtobufEntry and I couldn't find how to get the actual log message from this object.
for entry in client.list_entries():
print type(entry)
The above code produces the following output:
$ python log_test.py
<class 'google.cloud.logging.entries.ProtobufEntry'>
<class 'google.cloud.logging.entries.ProtobufEntry'>
<class 'google.cloud.logging.entries.ProtobufEntry'>
....
However, I couldn't find any way to parse those objects.
How can I parse actual log messages?
Upvotes: 1
Views: 1564
Answers (1)
Guillem Xercavins
Reputation: 7058
The fields of a ProtobufEntry are listed here. If the payload is None use payload_pb instead as I found in the code.
The following snippet worked for me:
from google.cloud import logging
client = logging.Client()
for entry in client.list_entries():
timestamp = entry.timestamp.isoformat()
print('* {}: {}'.format
(timestamp, entry.payload_pb))
Upvotes: 2
Related Questions
- GCP Logs: How to query within an array of objects (regex like)
- Retrieve list of log names from Google Cloud Stackdriver API with Python
- Stackdriver Logging as Data Pipeline for Analytics
- How to filter GCP stackdriver logs by timestamp from python
- How to integrate on premise logs with GCP stackdriver
- Using Python to Query GCP Stackdriver logs
- How do I query GCP log viewer and obtain json results in Python 3.x (like gcloud logging read)
- GCP logging payload from payload (Stackdrive)
- How to retrieve GCP Stackdriver human readable logs?
- How to import Stackdriver logs into BigQuery