For any operation performed in Firestore DB like creating Firestore instance, creating collection, adding documents, adding/deleting fields, etc.. how can we see all the operations performed in Cloud Logging.
By default it gives only instance creation logs but not the CRUD operations.
*[
{
"protoPayload": {
"@type": "type.googleapis.com/google.cloud.audit.AuditLog",
"status": {
"code": 3,
"message": "Error; please try again later."
},
"authenticationInfo": {
"principalEmail": "[email protected]"
},
"requestMetadata": {
"callerIp": "168.149.187.2",
"callerSuppliedUserAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36 Edg/96.0.1054.62,gzip(gfe),gzip(gfe)",
"requestAttributes": {
"time": "2021-12-20T17:15:19.476045Z",
"auth": {}
},
"destinationAttributes": {}
},
"serviceName": "firebasedatabase.googleapis.com",
"methodName": "google.firebase.database.v1beta.RealtimeDatabaseService.CreateDatabaseInstance",
"authorizationInfo": [
{
"resource": "projects/..",
"permission": "firebasedatabase.instances.create",
"granted": true,
"resourceAttributes": {}
}
],
"resourceName": "projects/..",
"request": {
"@type": "type.googleapis.com/google.firebase.database.v1beta.CreateDatabaseInstanceRequest",
"validateOnly": true,
"parent": "projects/..",
"databaseInstance": {
"type": "DEFAULT_DATABASE"
},
"databaseId": ""
}
},*
CodePudding user response:
By default indeed only administrative operations are added to the audit log. If you also want to log data for regular data manipulation and retrieval, you can enable those from the audit logs page.
CodePudding user response:
The docs for Firestore audit logging suggest you'll need to enable these: