Set up BigQuery logs in the Admin console
To export G Suite logs and usage reports to Google BigQuery, you need to set up a BigQuery project in the Google Admin console. When you do, all data that’s currently available in the Reports API is available for exporting, including historical data.
If you decide to turn off the exporting of G Suite data to BigQuery, existing data is not deleted and no new data is made available in BigQuery. However, existing data will still be available in other sources, such as the Reports API.
How data is propagated and retained
- Policies can take an hour to propagate. After that, daily tables are automatically created in your dataset (PST time zone).
- Data is saved following guidelines for other logs and reports. For details, see Data retention and lag times.
- Data tables don’t automatically get deleted. To delete an active project, see Delete a BigQuery export configuration.
Set up BigQuery in the Admin console
From the Admin console Home page, go to Reports.
To see Reports, you might have to click More controls at the bottom.
- On the left, scroll down and click BigQuery Export.
- Make sure the Export G Suite data to Google BigQuery switch is On to enable BigQuery logs. The logs will be available within 48 hours after the setting is turned on.
- Under BigQuery project ID, select the project where you want to store the logs. You need to choose a project with write access. If you don’t see the project, you need to set it up in BigQuery. For details, see the Quickstart Guide.
- Under New dataset within project, enter the name of the dataset to use for storing the logs in the project. Dataset names must be unique for each project. For details, see Creating and using datasets.
- Click Save.
If you can’t save the project, you can try deleting the new dataset from the BigQuery console and saving again here.
The dataset is created the next day when the export is triggered. In addition to project owners, editors, and viewers, the email@example.com service account is added as editor. The service account is required to write logs and update the schema.