# Data Access Audit Logs and Query History
Status: public
Confidence: medium (0.725) (verified)
Last verified: 2026-06-02
Generation: ai_structured


## TL;DR

Data access audit logs and query history help agents answer who accessed data, which jobs ran, and which tables were read or written.

## Core Explanation

Agents debugging data incidents need evidence beyond table schemas. Audit logs can show principal, method, resource, job, and table interaction. Query history can show job metadata, timing, bytes processed, and errors.

Good investigations preserve project, dataset, table, job ID, principal, query text availability, timestamp, region, and log-retention assumptions before making access or compliance claims.

## Source-Mapped Facts

- BigQuery audit logs documentation says BigQueryAuditMetadata reports resource interactions such as which tables were read from and written to by a query job. ([source](https://cloud.google.com/bigquery/docs/reference/auditlogs/))
- Cloud Audit Logs documentation describes Data Access audit logs as logs for API calls that read or write user-provided data. ([source](https://docs.cloud.google.com/logging/docs/audit))
- BigQuery INFORMATION_SCHEMA JOBS view contains near real-time metadata about BigQuery jobs. ([source](https://docs.cloud.google.com/bigquery/docs/information-schema-jobs))

## Further Reading

- [BigQuery Audit Logs](https://cloud.google.com/bigquery/docs/reference/auditlogs/)
- [Cloud Audit Logs](https://docs.cloud.google.com/logging/docs/audit)
- [BigQuery INFORMATION_SCHEMA JOBS](https://docs.cloud.google.com/bigquery/docs/information-schema-jobs)