Reputation: 339
fetch cloud storage bucket last access details
How to fetch cloud storage bucket last access details. As of now, I'm seeing we can find only last modified date for bucket and objects. Is there any way to fetch last access details for buckets and objects. Do we need to enable logging for each object to fetch it or Is there any options available?
Upvotes: 1
Views: 2812
Answers (2)
Reputation: 9810
There are several types of logs you can enable to get this information.
Cloud Audit Logs is the recommended method for generating logs that track API operations performed in Cloud Storage:
- Cloud Audit Logs tracks access on a continuous basis.
- Cloud Audit Logs produces logs that are easier to work with.
- Cloud Audit Logs can monitor many of your Google Cloud services, not just Cloud Storage.
Audit Logs are logged in "near" real-time and available as any other logs in GCP. You can view a summary of the audit logs for your project in the Activity Stream in the Google Cloud Console. A more detailed version of the logs can found in the Logs Viewer.
In some cases, you may want to use Access Logs instead. You most likely want to use access logs if:
- You want to track access to public objects, such as assets in a bucket that you've configured to be a static website.
- You want to track access to objects when the access is exclusively granted because of the Access Control Lists (ACLs) set on the objects.
- You want to track changes made by the Object Lifecycle Management feature.
- You intend to use authenticated browser downloads to access objects in the bucket.
- You want your logs to include latency information, or the request and response size of individual HTTP requests.
As opposed to audit logs, access logs aren't sent "real-time" to Stackdriver Logging but are offered in the form of CSV files, generated hourly when there is activity to report in the monitored bucket, that you can download and view.
The access logs can provide an overwhelming amount of information. You'll find here a table to help you identify all the information provided in these logs.
Upvotes: 1
Reputation: 317808
Cloud Storage buckets are meant to serve high volumes of read requests through a variety of means. As such, reads don't also write any additional data - that would not scale well. If you want to record when an object gets read, you would need to have the client code reading the object to also write the current time to some persistent storage. Or, you could force all reads through some API endpoint that performs the update manually. In either case, you are writing code and using additional resources to store this data.
Upvotes: 0
Related Questions
- How to retrieve the most recent file in cloud storage bucket?
- Determine how many times files in a Google GCS bucket were accessed or downloaded
- How to Get Access Log of Google Bucket via Console?
- Setting up logging for buckets in Google Cloud Storage
- How to get the metdata of the Google Cloud Storage Bucket using Google Cloud Storage Client
- How to grab the first and last file of given Google Cloud Storage folder?
- How to retrieve the size of all my Google Cloud Storage bucket?
- How to find the remaining expiration time and date of an object and google cloud bucket using gsutil command?
- How to list recent files added to a GCS bucket
- Listing all buckets on which a user has access