Hello community,
I need to know who started a job in the dataproc cluster... I need to know if it was a service account, or a common user. And really know which account he used.
Does anyone know any commands, or how to find them in logs explorer?
Solved! Go to Solution.
The Dataproc Jobs API does not directly provide information about who submitted the job. However, you can use the following alternative methods to find out who started a job in the Dataproc cluster:
Method 1: Accessing Dataproc Job Logs
Logs Explorer:
resource.type="cloud_dataproc_cluster"
and protoPayload.methodName="google.cloud.dataproc.v1.JobController.SubmitJob"
.SubmitJob
method call in the logs.principalEmail
field within protoPayload.authenticationInfo
indicates the identity (user or service account) of the caller who submitted the job.gcloud logging command:
gcloud logging read "resource.type=cloud_dataproc_cluster AND protoPayload.methodName=google.cloud.dataproc.v1.JobController.SubmitJob" --project=${PROJECT_ID}
${PROJECT_ID}
with your actual project ID.principalEmail
field within authenticationInfo
. This indicates the identity used to submit the job.Method 2: Dataproc Job History Server
Method 3: Audit Logs
dataproc.jobs.submit
event type.Additional Notes:
I tried to look here, but it doesn't appear who executed it: https://dataproc.googleapis.com/v1/projects/${PROJECT}/regions/${REGION}/jobs/${JOB_ID}
The Dataproc Jobs API does not directly provide information about who submitted the job. However, you can use the following alternative methods to find out who started a job in the Dataproc cluster:
Method 1: Accessing Dataproc Job Logs
Logs Explorer:
resource.type="cloud_dataproc_cluster"
and protoPayload.methodName="google.cloud.dataproc.v1.JobController.SubmitJob"
.SubmitJob
method call in the logs.principalEmail
field within protoPayload.authenticationInfo
indicates the identity (user or service account) of the caller who submitted the job.gcloud logging command:
gcloud logging read "resource.type=cloud_dataproc_cluster AND protoPayload.methodName=google.cloud.dataproc.v1.JobController.SubmitJob" --project=${PROJECT_ID}
${PROJECT_ID}
with your actual project ID.principalEmail
field within authenticationInfo
. This indicates the identity used to submit the job.Method 2: Dataproc Job History Server
Method 3: Audit Logs
dataproc.jobs.submit
event type.Additional Notes:
Perfect. Thank you for your help.
User | Count |
---|---|
1 | |
1 | |
1 | |
1 | |
1 |