Google Cloud Audit Log Protobufs

Warnings

• breaking The `protobuf` dependency requirements have changed across minor versions. Ensure your environment uses a compatible `protobuf` version to avoid runtime errors. For version `0.4.0`, `protobuf>=3.19.5, <5.0.0` is generally required.
  Fix: Upgrade or downgrade your `protobuf` installation to match the requirements of `google-cloud-audit-log`. For example, `pip install 'protobuf>=3.19.5,<5.0.0'`.
• gotcha This library provides only the protobuf definitions for Google Cloud Audit Logs. It does NOT include a client library for fetching audit logs from Google Cloud APIs (e.g., Stackdriver Logging). Users are responsible for obtaining the serialized audit log data from other sources (e.g., Pub/Sub, Cloud Logging API) and then using this library to parse and interpret it.
  Fix: To fetch audit logs, use a client library for the relevant Google Cloud service, such as `google-cloud-logging` to read from Cloud Logging.
• gotcha The import paths for protobuf messages are direct to the `_pb2` files (e.g., `from google.cloud.audit import audit_log_pb2`). There are no higher-level client objects or `types` modules provided by this library, as its sole purpose is to expose the generated protobuf classes.
  Fix: Always import specific protobuf message modules directly, e.g., `from google.cloud.audit import audit_log_pb2` to access `audit_log_pb2.AuditLog`.
• gotcha This library requires Python 3.7 or newer. Attempting to use it with older Python versions will result in installation failures or runtime errors.
  Fix: Ensure your development and deployment environments use Python 3.7 or a later version.

Install

• pip install google-cloud-audit-log Install latest version

Imports

• AuditLog

  from google.cloud.audit import audit_log_pb2

  Most protobuf messages, like AuditLog, are imported directly from their respective `_pb2` files within the `google.cloud.audit` namespace.
• RequestMetadata

  from google.cloud.audit import audit_log_pb2

  Nested message types are attributes of the containing message type, but their definitions are also available from the main `_pb2` file.

Quickstart

This quickstart demonstrates how to programmatically construct an `AuditLog` message and then serialize it to bytes, simulating how it might be stored or transmitted. It then shows how to deserialize those bytes back into an `AuditLog` object and access its fields. This reflects the library's primary use case of defining and manipulating audit log protobuf messages.

from google.cloud.audit import audit_log_pb2
from google.protobuf.json_format import MessageToJson, Parse

# Example: Construct an AuditLog message programmatically
audit_log_entry = audit_log_pb2.AuditLog(
    service_name="compute.googleapis.com",
    method_name="v1.compute.instances.insert",
    resource_name="projects/my-project/zones/us-central1-a/instances/my-instance",
    authentication_info=audit_log_pb2.AuthenticationInfo(
        principal_email="user@example.com"
    ),
    request_metadata=audit_log_pb2.RequestMetadata(
        caller_ip="192.168.1.1",
        caller_supplied_user_agent="gcloud-sdk",
    )
)

print("Constructed AuditLog (JSON format):")
print(MessageToJson(audit_log_entry))

# Example: Simulate receiving a serialized AuditLog (e.g., from a message queue)
# In a real scenario, `serialized_data` would be bytes received from a source.
# For this example, we'll serialize the object we just created.
serialized_data = audit_log_entry.SerializeToString()

# Parse the received data back into an AuditLog object
parsed_log_entry = audit_log_pb2.AuditLog()
parsed_log_entry.ParseFromString(serialized_data)

print("\nParsed AuditLog (JSON format):")
print(MessageToJson(parsed_log_entry))

# Accessing fields from the parsed log entry
print(f"\nService Name: {parsed_log_entry.service_name}")
print(f"Method Name: {parsed_log_entry.method_name}")
if parsed_log_entry.authentication_info.principal_email:
    print(f"Principal Email: {parsed_log_entry.authentication_info.principal_email}")