Exam Professional Cloud Architect topic 1 question 83 discussion

D- reasons: 1.-Cloud Audit Logs maintains audit logs for admin activity, data access and system events. BIGQUERY is automatically send to cloud audit log functionality. 2.- In the filter you can filter relevant BigQuery Audit messages, you can express filters as part of the export https://cloud.google.com/logging/docs/audit https://cloud.google.com/bigquery/docs/reference/auditlogs#ids https://cloud.google.com/bigquery/docs/reference/auditlogs#auditdata_examples

Answer is D: https://cloud.google.com/bigquery/docs/reference/auditlogs#example_query_cost_breakdown_by_identity

Answer is B In the BigQuery interface, execute a query on the JOBS table to get the required information. Explanation: JOBS Table:BigQuery automatically logs job information, including queries, in a special table called JOBS. By querying this table, you can retrieve details about each job, including the user who ran it, the query text, and the timestamp. Why the Other Options Are Less Suitable: Connect Google Data Studio to BigQuery: While this can visualize data, you still need to execute a query to pull the data first. This option is not directly querying for the information you need. Use ‘bq show’ and ‘bq ls’: These commands provide metadata about jobs but do not efficiently retrieve the count of queries per user, especially for a large number of jobs over a month. Use Cloud Audit Logging: This approach could work but would be more complex and less efficient for simply counting queries. The JOBS table is specifically designed for this purpose, making it easier to extract the necessary data.

Using the INFORMATION_SCHEMA.JOBS_BY_USER table within BigQuery is the most efficient and straightforward method to get the required audit information about the number of queries each user ran in the last month. Therefore, option B is the best choice.. D.While Cloud Audit Logs can provide detailed logs of activities, querying them directly for this purpose is less efficient than using the JOBS table in BigQuery. Additionally, setting up and querying audit logs involves more steps and may require exporting logs to BigQuery for complex queries.

Why B is the Best Answer: Direct Access to Job Metadata: BigQuery maintains metadata about jobs (including query jobs) in the INFORMATION_SCHEMA views, specifically in the INFORMATION_SCHEMA.JOBS table. Detailed Information: This table contains information about all jobs, including who ran them, when they were run, and the type of job. This makes it easy to filter and count queries by user. Querying JOBS Table: You can write a SQL query to count the number of queries executed by each user over the specified period.

Querying the INFORMATION_SCHEMA.JOBS_BY_USER view in BigQuery is the most efficient and straightforward way to obtain the number of queries each user ran in the last month. This method leverages built-in BigQuery capabilities designed specifically for auditing and monitoring query jobs. Cloud Audit Logs provide detailed logging information but are more complex to query for specific metrics like the number of queries run by each user. BigQuery’s INFORMATION_SCHEMA.JOBS_BY_USER is designed for this purpose and is easier to use for querying job data.

Audit logs, Option D

reason: https://cloud.google.com/logging/docs/audit#data-access Data Access audit logs—except for BigQuery Data Access audit logs—are disabled by default because audit logs can be quite large. If you want Data Access audit logs to be written for Google Cloud services other than BigQuery, you must explicitly enable them

I finally decide to go with Option D over B because we or the auditor might not have access to the metadata. In fact, in our project, not all of us had access to query this view. "To get the permission that you need to query the INFORMATION_SCHEMA.JOBS view, ask your administrator to grant you the BigQuery Resource Viewer" https://cloud.google.com/bigquery/docs/information-schema-jobs#required_role. (And not because of the wordings "Table" instead of "view" - don't think an architect exam will try to assess your memory of whether it is a table or a view or your understanding of the difference between a table and a view).

C - bq show: To view job details (https://cloud.google.com/bigquery/docs/managing-jobs#view_job_details_2) bq ls: To list jobs (https://cloud.google.com/bigquery/docs/managing-jobs#list_jobs) So D is the correct one.

https://cloud.google.com/bigquery/docs/managing-jobs#list_jobs_in_a_project

I think B is the correct answer

Cloud Logging

B is correct. here's the link - https://cloud.google.com/bigquery/docs/information-schema-jobs

JOBS system table does exist and it contains exactly the info we need: one record for each job executed by users (query is one of the type of the jobs)

D. Use Cloud Audit Logging to view Cloud Audit Logs, and create a filter on the query operation to get the required information. Cloud Audit Logging records activities and API calls in Google Cloud services, including BigQuery. You can use Cloud Audit Logging to view logs and filter them based on specific operations, such as queries in BigQuery. By filtering on the query operation, you can gather the required information about how many queries each user ran in the last month, which is essential for audit purposes.

A is not possible. B is possible if VIEW is used instead of TABLE in the description. I use this view to get this information regularly. C. I have no cloud how this can be right answer. D. Only possible as per text descriptions.