This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

GCP Logs not capturing User Information for BQ Queries run from vertex workbench instance

Posted 2 weeks ago
krishna11
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Vertex_UserManage_Notebook:

GCP does the logging when the user queries via BigQuery UI. Perhaps the same querying through the workbench, it does not log user pertinent information (Owner of the instance name, nor VM/Workbench name or IP)

Is this expected? (or) Is there a way that logs may capture the relevant information on who made the query? I know service account of the underlying compute_instance is capture. However, this is not we're looking for!

I've also assigned custom labels to the instance assuming it would atleast capture this information.


Logs:

```
{
"protoPayload": {
"@type": "type.googleapis.com/google.cloud.audit.AuditLog",
"status": {},
"authenticationInfo": {
"principalEmail": "123456789-compute@developer.gserviceaccount.com",
"serviceAccountDelegationInfo": [
{
"firstPartyPrincipal": {
"principalEmail": "service-123456789@compute-system.iam.gserviceaccount.com"
}
}
]
},
"requestMetadata": {
"callerIp": "*.*.*.*",
"callerSuppliedUserAgent": "ipython-8.21.0 gl-python/3.10.14 grpc/1.62.1 gax/1.34.1 gapic/3.20.1 gccl/3.20.1,gzip(gfe)",
"callerNetwork": "//compute.googleapis.com/projects/steady-tracer-12345/global/networks/__unknown__",
"requestAttributes": {},
"destinationAttributes": {}
},
"serviceName": "bigquery.googleapis.com",
"methodName": "jobservice.getqueryresults",
"authorizationInfo": [
{
"resource": "projects/steady-tracer-12345",
"permission": "bigquery.jobs.create",
"granted": true,
"resourceAttributes": {}
},
{
"resource": "projects/steady-tracer-12345",
"permission": "bigquery.jobs.create",
"granted": true,
"resourceAttributes": {}
}
],
"resourceName": "projects/steady-tracer-12345/queries/5c37d6f7-919a-4d0c-9fe0-6ae21f25dbd5",
"serviceData": {
"@type": "type.googleapis.com/google.cloud.bigquery.logging.v1.AuditData",
"jobGetQueryResultsRequest": {},
"jobGetQueryResultsResponse": {
"totalResults": "42",
"job": {
"jobName": {
"projectId": "steady-tracer-12345",
"jobId": "5c37d6f7-919a-4d0c-9fe0-6ae21f25dbd5",
"location": "US"
},
"jobConfiguration": {
"query": {
"query": "SELECT * FROM `steady-tracer-12345.test_dataset.top_words` LIMIT 1000;",
"destinationTable": {
"projectId": "steady-tracer-12345",
"datasetId": "_a3ec690a6c8f1d9369fdee628f0f7aba9bd7ce24",
"tableId": "anonc3a5f202530cb1c670058090a9e19fd45c74fd2de785f7e562bc5a2b37fa0641"
},
"createDisposition": "CREATE_IF_NEEDED",
"writeDisposition": "WRITE_TRUNCATE",
"defaultDataset": {},
"queryPriority": "QUERY_INTERACTIVE",
"statementType": "SELECT"
}
},
"jobStatus": {
"state": "DONE",
"error": {}
},
"jobStatistics": {
"createTime": "2024-05-05T19:10:14.011Z",
"startTime": "2024-05-05T19:10:14.161Z",
"endTime": "2024-05-05T19:10:14.243Z",
"reservation": "unreserved"
}
}
}
}
},
"insertId": "-vc7iqse2w6df",
"resource": {
"type": "bigquery_resource",
"labels": {
"project_id": "steady-tracer-12345"
}
},
"timestamp": "2024-05-05T19:10:14.465276Z",
"severity": "INFO",
"logName": "projects/steady-tracer-12345/logs/cloudaudit.googleapis.com%2Fdata_access",
"receiveTimestamp": "2024-05-05T19:10:14.816987674Z"
}

0 0 26
Topic Labels
0 Likes
0 REPLIES 0