When using cloudforensics gcp querylogs the output contains the internal python logging prefix one each log line which means that it can't be read as JSONL. For example the log line is something like:
[2023-02-14 11:42:08,875] [tools.gcp_cli ] INFO {"fake-json": "data"}
Instead of just
{"fake-json": "data"}
It would be nice if the output was just jsonl so that it could be read without parsing.
When using
cloudforensics gcp querylogs
the output contains the internal python logging prefix one each log line which means that it can't be read as JSONL. For example the log line is something like:Instead of just
It would be nice if the output was just jsonl so that it could be read without parsing.