Why Automate Google Workspace (formerly G Suite) Audit Logs?
When it comes to ensuring compliance with industry regulations like HIPAA or geographical regulations like GDPR, a crucial aspect for Google Workspace administrators is keeping track of user activities within Google Workspace. A common challenge, however, is managing these audit logs manually. It often means sifting through endless amounts of data to spot any red flags. This is not only tedious but also introduces the risk of human error. With an automated flow, you can streamline the process of pulling information from audit logs, organizing it, and identifying critical details like shared files, last login time, or any irregularities in user activity.
Automation allows you to:
— Run audits on a set schedule (monthly, bi-monthly, etc.).
— Capture all user activity data with minimal effort.
— Keep a neat historical record of activities for easier compliance reporting.
— Minimize human error and prevent potential compliance violations.
Now, let’s dive into how you can set up an automated flow that makes the entire process much more manageable.
Step-by-Step Breakdown of the Automated G Suite Audit Logs Flow
We’ll be building this flow using Zenphi, the leading Google admin tasks automation solution. However, we believe the logic is applicable to any tool you’re using, from scripting the flow with Apps Script to using the Google Admin console.
1. Setting a Recurring Audit Trigger
To ensure compliance, audits need to happen on a regular basis. We’re using a timer trigger for this flow, which allows us to run the audit automatically on a schedule. For example, you could schedule the audit to run every two months to keep your data fresh and compliant.
2. Searching for Users
The first logical step in your flow should be searching for users within your Google Workspace.
Depending on the parameters you set, this action can retrieve all users within your domain or target specific groups. This step is key to identifying all users who have access to sensitive data or files and whose logs you’d like to audit consistently for compliance purposes.
If you’re using Zenphi, this step gives you access to details like:
- User email addresses
- Names
- Last login times
This information will be critical for monitoring user activity and ensuring that inactive or unapproved users are flagged.
3. Retrieving the Audit Date
Next, we’ll retrieve the date of the audit. This is a small but important step that ensures every audit is properly documented.
In our example, the date is then added to a Google Sheet for reporting purposes, so you always have a record of when the last audit was completed. You can also use Google Docs for the same purpose.
4. Looping Through Users and Managing Files
In this step, the flow should loop through all the users retrieved in the search step (#1). The key actions here include:
— Copying the template: A Google Sheet template is duplicated for each user to maintain consistency in tracking their shared files.
— Listing the user’s shared files: In our example, we’d like to audit files that users have shared, but you can use a similar workflow for auditing Gmail logs, Google Drive actions, file permission changes and more. Here, we need to retrieve all shared files for each user and track:
- File IDs
- Drive IDs
- File names
- View links
This gives us a comprehensive view of the files being shared, ensuring that no sensitive data is being exposed unnecessarily.
5. Adding Shared Files to Google Sheets
With all the necessary data collected, the next step is to add this information to the Google Sheet (or Google Docs if you’re using them to set up a reporting template). This step allows us to create a clear, organized record of the audit results. Having this information centralized makes it easy to review and act upon potential compliance concerns.
6. Running the Flow
After setting up the flow, you can save and test it by running a new instance. The flow will automatically go through all the steps for each user, as described, and end with a clean record of the G Suite logs you’re auditing.
You can see with your own eyes how quick and efficient this process can be: in our test case here, the flow ran in just 11 seconds and successfully audited a user who had shared only one file.
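The same logic written as plain JavaScript, for readers scripting the flow rather than building it in Zenphi. This is an added example, not Zenphi's or the author's code: the sample records are constructed and stand in for Admin SDK Directory and Drive API v3 responses, and `buildAudit`, `classifyExposure`, the 60-day inactivity window and the exposure labels are assumptions made for illustration.

```javascript
// Constructed sample data: a subset of the fields returned by the Admin SDK
// Directory API (users.list) and the Drive API v3 (files.list).
const SAMPLE_USERS = [
  { primaryEmail: "alice@example.com", name: { fullName: "Alice Ng" }, lastLoginTime: "2024-05-28T09:12:00.000Z" },
  { primaryEmail: "bob@example.com", name: { fullName: "Bob Ortiz" }, lastLoginTime: "2023-11-02T17:40:00.000Z" },
  { primaryEmail: "carol@example.com", name: { fullName: "Carol Diaz" }, lastLoginTime: "1970-01-01T00:00:00.000Z" },
];
const SAMPLE_FILES = {
  "alice@example.com": [
    { id: "f1", driveId: "d1", name: "Q2 payroll", webViewLink: "https://example.invalid/f1",
      permissions: [{ type: "user", emailAddress: "bob@example.com" }, { type: "anyone" }] },
    { id: "f2", name: "Vendor notes", webViewLink: "https://example.invalid/f2",
      permissions: [{ type: "user", emailAddress: "pat@partner.example" }] },
  ],
  "bob@example.com": [
    { id: "f3", driveId: "d1", name: "Handbook", webViewLink: "https://example.invalid/f3",
      permissions: [{ type: "domain", domain: "example.com" }] },
  ],
};
const RANK = { internal: 0, domain: 1, external: 2, public: 3 };
// Return the widest audience granted by a file's permission list.
function classifyExposure(permissions, orgDomain) {
  let worst = "internal";
  for (const p of permissions || []) {
    let level = "internal";
    if (p.type === "anyone") level = "public";
    else if (p.type === "domain") level = p.domain === orgDomain ? "domain" : "external";
    else if (p.emailAddress && !p.emailAddress.toLowerCase().endsWith("@" + orgDomain)) level = "external";
    if (RANK[level] > RANK[worst]) worst = level;
  }
  return worst;
}
// Steps 2-5: walk the users, record login status, emit one sheet row per shared file.
function buildAudit(users, filesByOwner, orgDomain, auditDate, inactiveDays) {
  const cutoff = auditDate.getTime() - inactiveDays * 86400000;
  const report = { auditDate: auditDate.toISOString().slice(0, 10), users: [], rows: [] };
  for (const u of users) {
    const last = Date.parse(u.lastLoginTime);
    // Assumption: an epoch timestamp means the account has never signed in.
    const status = last === 0 ? "never_logged_in" : last < cutoff ? "inactive" : "active";
    report.users.push({ email: u.primaryEmail, name: u.name.fullName, lastLogin: u.lastLoginTime, status });
    for (const f of filesByOwner[u.primaryEmail] || []) {
      const exposure = classifyExposure(f.permissions, orgDomain);
      report.rows.push([u.primaryEmail, f.id, f.driveId || "", f.name, f.webViewLink, exposure]);
    }
  }
  return report;
}
const REPORT = buildAudit(SAMPLE_USERS, SAMPLE_FILES, "example.com", new Date("2024-06-01T00:00:00Z"), 60);
```

Each entry in `REPORT.rows` carries the owner, file ID, drive ID, file name, view link and an exposure label, so a reviewer can sort the sheet by the last column and start with the widest sharing.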
[Image: G Suite audit logs automation flow]
Please watch a tutorial below and follow along if you’d like to perform Google Workspace (formerly G Suite) audit logs yourself.