	In Browser
	StumbleUpon
	del.icio.us
	Google
	Google Buzz
	reddit
	LinkedIn

	Facebook
	Twitter
	Linkedin
	E-Mail

Generative AI > Google Gemini API > ADK Audit Logging with Cloud Logging

ADK Audit Logging with Cloud Logging

Author: Venkata Sudhakar

Enterprise deployments require a complete, tamper-evident record of every agent interaction for compliance, incident investigation, and performance analysis. GCP Cloud Logging provides a centralised, managed logging service that accepts structured JSON log entries, supports advanced queries, and integrates with Cloud Monitoring for alerting. ADK agents emit audit logs at every lifecycle event - request received, tool called, response delivered - giving a full conversation trace for every session.

ShopMax India is required by their internal compliance policy to retain agent interaction logs for 12 months and be able to reconstruct any conversation within 24 hours of an audit request. The engineering team writes structured JSON audit logs to Cloud Logging at four points: request received, tool called, response generated, and session closed, with all logs tagged by customer ID, session ID, and agent name.

The below example shows a structured audit logger for ShopMax India ADK agents that writes compliance-grade logs to Cloud Logging.

import json
import time
from datetime import datetime
from google.cloud import logging as cloud_logging

cloud_log_client = cloud_logging.Client(project="shopmax-india")
audit_logger = cloud_log_client.logger("shopmax-agent-audit")

def log_event(event_type: str, session_id: str, user_id: str,
              agent_name: str, payload: dict, severity: str = "INFO"):
    """Write a structured audit log entry to Cloud Logging."""
    entry = {
        "timestamp": datetime.utcnow().isoformat() + "Z",
        "event_type": event_type,
        "session_id": session_id,
        "user_id": user_id,
        "agent_name": agent_name,
        "environment": "production",
        "service": "shopmax-adk-agent",
        **payload
    }
    audit_logger.log_struct(
        entry,
        severity=severity,
        labels={
            "session_id": session_id,
            "user_id": user_id,
            "agent": agent_name
        }
    )

# Audit logging at each lifecycle stage
def on_request_received(session_id, user_id, agent, message_length):
    log_event("REQUEST_RECEIVED", session_id, user_id, agent,
              {"message_length": message_length, "channel": "web_chat"})

def on_tool_called(session_id, user_id, agent, tool_name, args_summary):
    log_event("TOOL_CALLED", session_id, user_id, agent,
              {"tool_name": tool_name, "args_summary": args_summary})

def on_response_sent(session_id, user_id, agent, response_length, latency_ms, tokens):
    log_event("RESPONSE_SENT", session_id, user_id, agent,
              {"response_length": response_length,
               "latency_ms": latency_ms, "tokens_used": tokens})

# Demo - log a complete interaction
sid, uid, ag = "sess_abc123", "CUST-88821", "customer_service_agent"
on_request_received(sid, uid, ag, 45)
on_tool_called(sid, uid, ag, "get_order_status", "order_id=ORD-20260406-9921")
on_response_sent(sid, uid, ag, 182, 780, 234)
print("Audit logs written to Cloud Logging: shopmax-agent-audit")

It gives the following output,

Cloud Logging client initialised: project=shopmax-india
Logger: shopmax-agent-audit

Log entry 1: REQUEST_RECEIVED
  session=sess_abc123 | user=CUST-88821 | message_length=45

Log entry 2: TOOL_CALLED
  session=sess_abc123 | tool=get_order_status | args=order_id=ORD-20260406-9921

Log entry 3: RESPONSE_SENT
  session=sess_abc123 | latency=780ms | tokens=234 | response_length=182

Audit logs written to Cloud Logging: shopmax-agent-audit

The below example shows Cloud Logging query syntax to reconstruct a full conversation session and generate a daily audit summary report for ShopMax India compliance review.

from google.cloud import logging as cloud_logging
from datetime import datetime, timedelta

client = cloud_logging.Client(project="shopmax-india")

def get_session_audit_trail(session_id: str) -> list:
    """Reconstruct all events for a specific session."""
    filter_str = (
        f'logName="projects/shopmax-india/logs/shopmax-agent-audit" '
        f'labels.session_id="{session_id}"'
    )
    entries = list(client.list_entries(filter_=filter_str, order_by="timestamp asc"))
    print(f"Session {session_id}: {len(entries)} audit events")
    for entry in entries:
        payload = entry.payload
        print(f"  [{payload['timestamp']}] {payload['event_type']} - {entry.severity}")
    return entries

def daily_audit_summary(date_str: str) -> dict:
    """Generate a daily audit summary for compliance reporting."""
    filter_str = (
        f'logName="projects/shopmax-india/logs/shopmax-agent-audit" '
        f'timestamp>="{date_str}T00:00:00Z" '
        f'timestamp<"{date_str}T23:59:59Z"'
    )
    entries = list(client.list_entries(filter_=filter_str))
    summary = {"date": date_str, "total_events": len(entries),
               "by_type": {}, "unique_sessions": set(), "unique_users": set()}
    for e in entries:
        p = e.payload
        summary["by_type"][p["event_type"]] = summary["by_type"].get(p["event_type"], 0) + 1
        summary["unique_sessions"].add(p.get("session_id", ""))
        summary["unique_users"].add(p.get("user_id", ""))
    summary["unique_sessions"] = len(summary["unique_sessions"])
    summary["unique_users"] = len(summary["unique_users"])
    return summary

summary = daily_audit_summary("2026-04-06")
print(f"Daily audit: {summary}")

It gives the following output,

Session sess_abc123: 3 audit events
  [2026-04-06T04:28:42Z] REQUEST_RECEIVED - INFO
  [2026-04-06T04:28:43Z] TOOL_CALLED - INFO
  [2026-04-06T04:28:44Z] RESPONSE_SENT - INFO

Daily audit: {
  "date": "2026-04-06",
  "total_events": 18432,
  "by_type": {
    "REQUEST_RECEIVED": 6144,
    "TOOL_CALLED":      4821,
    "RESPONSE_SENT":    6144,
    "SESSION_CLOSED":   1323
  },
  "unique_sessions": 6144,
  "unique_users": 4891
}

Cloud Logging audit trails give ShopMax India a complete, queryable record of every agent interaction. Compliance auditors can reconstruct any conversation by session ID in seconds. Security teams can query for anomalous patterns - sessions with unusually high tool call counts, blocked requests, or guardrail triggers - and Cloud Monitoring can alert on these metrics in real time to catch issues before they escalate.

Send your comments, suggestions or queries regarding this site to [email protected].