audit_request_status - Linux


audit_request_status allows monitoring the status of multiple audit requests submitted to the Security Center service. It provides a snapshot of requests submitted within a user-provided timeframe, categorized by their status.


audit_request_status [flags]


  • -from: Specify the starting time (UTC) from which to fetch requests. Format: YYYY-MM-DD HH:MM:SS
  • -to: Specify the ending time (UTC) for fetching requests. Format: YYYY-MM-DD HH:MM:SS
  • -org: (Optional) Organization to retrieve requests for. Defaults to current Google Cloud Organization.


Fetch requests from last 15 minutes

audit_request_status -from "$(date -u --date='15 mins ago')" -to "$(date -u)"

Fetch requests for a specific organization

audit_request_status -to "$(date -u)" -org "my-org"

Common Issues

No requests found

Check if the specified time range is correct and that it includes requests submitted.


Use in conjunction with gcloud audit logs:

gcloud audit logs read \
    --filter="" \
    --format="json" \
    --execute=audit_request_status -from "$(date -u --date='1 hour ago')" -to "$(date -u)"

Related Commands