เมื่อกำหนดค่าการบันทึกการตรวจสอบ ให้ใช้ชื่อบริการ datastore.googleapis.com
เพื่อกำหนดค่าทั้ง datastore.googleapis.com และ firestore.googleapis.com.
Once configured, logs for the Cloud Firestore with MongoDB compatibility API include the service namefirestore.googleapis.com`
[[["เข้าใจง่าย","easyToUnderstand","thumb-up"],["แก้ปัญหาของฉันได้","solvedMyProblem","thumb-up"],["อื่นๆ","otherUp","thumb-up"]],[["ไม่มีข้อมูลที่ฉันต้องการ","missingTheInformationINeed","thumb-down"],["ซับซ้อนเกินไป/มีหลายขั้นตอนมากเกินไป","tooComplicatedTooManySteps","thumb-down"],["ล้าสมัย","outOfDate","thumb-down"],["ปัญหาเกี่ยวกับการแปล","translationIssue","thumb-down"],["ตัวอย่าง/ปัญหาเกี่ยวกับโค้ด","samplesCodeIssue","thumb-down"],["อื่นๆ","otherDown","thumb-down"]],["อัปเดตล่าสุด 2025-09-06 UTC"],[],[],null,["\u003cbr /\u003e\n\n\n|--------------------------------------------------------|\n| *Relevant to Cloud Firestore Enterprise edition only.* |\n\n\u003cbr /\u003e\n\nThis document describes audit logging for Cloud Firestore with MongoDB compatibility. Google Cloud\nservices generate audit logs that record administrative and access activities\nwithin your Google Cloud resources.\n\nFor more information about Cloud Audit Logs, see the following:\n\n- [Types of audit logs](https://cloud.google.com/logging/docs/audit#types)\n- [Audit log entry structure](https://cloud.google.com/logging/docs/audit#audit_log_entry_structure)\n- [Storing and routing audit logs](https://cloud.google.com/logging/docs/audit#storing_and_routing_audit_logs)\n- [Cloud Logging pricing summary](https://cloud.google.com/stackdriver/pricing#logs-pricing-summary)\n- [Enable Data Access audit logs](https://cloud.google.com/logging/docs/audit/configure-data-access)\n\nNotes\n\nWhen configuring audit logging, use the service name `datastore.googleapis.com`\nto configure both `datastore.googleapis.com` and `firestore.googleapis.com.\nOnce configured, logs for the Cloud Firestore with MongoDB compatibility API include the service name`firestore.googleapis.com\\`.\n\nTo view the time it took to process a `DATA_READ` or `DATA_WRITE` request, see\nthe `processing_duration` field within the `metadata` object of an `AuditLog`.\nThe `processing_duration` field describes the time the database took to process\na request. This is smaller than the end-user latency. In particular, it does\nnot include network overhead.\n\nService name\n\nCloud Firestore audit logs use the service name `firestore.googleapis.com`.\nFilter for this service: \n\n protoPayload.serviceName=\"firestore.googleapis.com\"\n\nMethods by permission type\n\nEach IAM permission has a `type` property, whose value is an enum\nthat can be one of four values: `ADMIN_READ`, `ADMIN_WRITE`, `DATA_READ`, or\n`DATA_WRITE`. When you call a method, Cloud Firestore generates an audit log whose category is dependent on the\n`type` property of the permission required to perform the method.\n\nMethods that require an IAM permission with the `type` property\nvalue of `DATA_READ`, `DATA_WRITE`, or `ADMIN_READ` generate\n[Data Access](https://cloud.google.com/logging/docs/audit/configure-data-access) audit logs.\n\nMethods that require an IAM permission with the `type` property\nvalue of `ADMIN_WRITE` generate\n[Admin Activity](https://cloud.google.com/logging/docs/audit#admin-activity) audit logs.\n\n| Permission type | Methods |\n|-----------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| `ADMIN_READ` | `google.cloud.location.Locations.GetLocation` `google.cloud.location.Locations.ListLocations` `google.firestore.admin.v1.FirestoreAdmin.GetBackup` `google.firestore.admin.v1.FirestoreAdmin.GetBackupSchedule` `google.firestore.admin.v1.FirestoreAdmin.GetDatabase` `google.firestore.admin.v1.FirestoreAdmin.GetField` `google.firestore.admin.v1.FirestoreAdmin.GetIndex` `google.firestore.admin.v1.FirestoreAdmin.ListBackupSchedules` `google.firestore.admin.v1.FirestoreAdmin.ListBackups` `google.firestore.admin.v1.FirestoreAdmin.ListDatabases` `google.firestore.admin.v1.FirestoreAdmin.ListFields` `google.firestore.admin.v1.FirestoreAdmin.ListIndexes` `google.firestore.admin.v1beta1.FirestoreAdmin.GetIndex` `google.firestore.admin.v1.MongoDBCompatible.ListIndexes` `google.firestore.admin.v1.MongoDBCompatible.ListDatabases` |\n| `ADMIN_WRITE` | `google.firestore.admin.v1.FirestoreAdmin.CreateBackupSchedule` `google.firestore.admin.v1.FirestoreAdmin.CreateDatabase` `google.firestore.admin.v1.FirestoreAdmin.CreateIndex` `google.firestore.admin.v1.FirestoreAdmin.DeleteBackup` `google.firestore.admin.v1.FirestoreAdmin.DeleteBackupSchedule` `google.firestore.admin.v1.FirestoreAdmin.DeleteDatabase` `google.firestore.admin.v1.FirestoreAdmin.DeleteIndex` `google.firestore.admin.v1.FirestoreAdmin.RestoreDatabase` `google.firestore.admin.v1.FirestoreAdmin.UpdateBackupSchedule` `google.firestore.admin.v1.FirestoreAdmin.UpdateDatabase` `google.firestore.admin.v1.FirestoreAdmin.UpdateField` `google.longrunning.Operations.CancelOperation` `google.longrunning.Operations.DeleteOperation` |\n| `DATA_READ` | `google.firestore.v1.MongoDBCompatible.Find` `google.firestore.v1.MongoDBCompatible.Aggregate` `google.firestore.v1.MongoDBCompatible.GetMore` `google.firestore.v1.MongoDBCompatible.ListCollections` `google.firestore.v1.MongoDBCompatible.Count` `google.firestore.v1.MongoDBCompatible.Distinct` `google.firestore.v1.MongoDBCompatible.CommitTransaction` `google.firestore.v1.MongoDBCompatible.AbortTransaction` `google.firestore.v1.MongoDBCompatible.EndSessions` `google.firestore.v1.MongoDBCompatible.KillCursors` |\n| `DATA_WRITE` | `google.firestore.v1.MongoDBCompatible.Insert` `google.firestore.v1.MongoDBCompatible.Update` `google.firestore.v1.MongoDBCompatible.Delete` `google.firestore.v1.MongoDBCompatible.FindAndModify` `google.firestore.v1.MongoDBCompatible.CreateCollection` |\n\nIdentify request callers\n\nAudit Log entries include information about the identity that performed the\nlogged operation. To identify a request caller, see the following fields within\nan [`AuditLog`](https://cloud.google.com/logging/docs/reference/audit/auditlog/rest/Shared.Types/AuditLog) object:\n\n- The caller's identity is held in the\n [`AuthenticationInfo`](https://cloud.google.com/logging/docs/reference/audit/auditlog/rest/Shared.Types/AuditLog#AuthenticationInfo)\n field. This can include the `principalEmail` of the user. This information\n is [sometimes redacted](https://cloud.google.com/logging/docs/audit#user-id).\n\n- The `callerIp` field within the\n [`requestMetadata`](https://cloud.google.com/logging/docs/reference/audit/auditlog/rest/Shared.Types/AuditLog#requestmetadata)\n object of an `AuditLog` entry includes the IP address of the caller."]]
