Is there a way to download g suite email audit log (not manually from google admin console) for a big company?
If i'm not wrong the API (https://developers.google.com/admin-sdk/email-audit) is limited by 1000 monitors per day?
May be is possible to have a mirror of logs in BigQuery or in any other place readable with no limits?
Thanks, Paolo.
Related
My wife's company recently switched over to Gsuite from Outlook.
When in Outlook, she used to save emails (.eml files) in shared folders for the rest of her team to work with. She would often click on one of these .eml files, which would launch Outlook, and from there she would be able to work - reply, forward, etc.
Now they've switched to Gsuite, and she has trouble re-creating this workflow: emails can be exported from Gmail, but opening them from a shared folder is a hassle. They open by default in Outlook (now blocked by her company). I've tried setting Google Chrome as her default program for emails, but it does just that: it opens the email in Chrome, not in Gmail (= impossible to reply/forward/...).
.eml files saved to Google Drive do not open in Gmail either.
She needs multiple collaborators to save emails to common folders, and she also needs each of them to be able to read/reply/forward any email saved to these folders.
What do you suggest?
Thank you so much!
Gmail and Outlook work differently on this matter but there are few ways in order to achieve what you are looking for.
First thing first, it depends in which G Suite Edition is your account, manly because of the Storage space.
G Suite Basic: 30Gb per user
G Suite Business: 1-4 User 1TB per user. 5 user up Unlimited Storage.
Compare G Suite Editions: https://gsuite.google.com/intl/en_ph/compare-editions/
Now in G suite there isn’t such a thing like a default ‘Archive’ for the emails as in Outlook. All the email are store into the User Cloud Storage and there they stay, because you don’t have a fixed device but rather your device is in a Google Server (Cloud) . But by knowing this you can work around it.
For instance if you G Suite Basic, you can create a new User that has 30Gb of cloud Storage and you use this User as a “Back UP,” you can do it the same with a G Suite Business.
Then you can delegate your account (or the back up account) to other users, see ---> Set up mail delegation: https://support.google.com/mail/answer/138350
At the end of the day you will have a consistent backup of your email and if you need to access them you just log in with this user (as delegate or not)
Having said that, there is a way to Download the email into a folder into your Device with a PST file , either with GSSMO or GSMME,althouhg they one Uses Outlook:
G Suite Sync for Microsoft Outlook, Import your data (you can also export it): https://support.google.com/a/users/answer/153874?hl=en
G Suite Migration for Microsoft Exchange, Migrate data from PST files: https://support.google.com/a/answer/7364501?hl=en
The Current Quotas table on the Quotas for Google Services page shows a feature called "Email read/write (excluding send)," which is limited to 50,000 / day for G Suite Business customers.
I have several Google Apps Scripts that use MailApp to send emails, and today users of my scripts started getting the error: "Service invoked too many times for one day: email"
When I ran MailApp.getRemainingDailyQuota() it showed -1, confirming that the quota had been exceeded.
When I checked Google Vault to see how many messages my account had sent between yesterday and today, it showed about 3,294.
When I reached out to G Suite Support to ask about this, they directed me to the G Suite Admin Email sending limits page, which shows that G Suite accounts are limited to sending 2,000 messages per rolling 24-hour period.
3,294 is greater than 2,000, but both are well below 50,000, so I'm wondering what actually counts against the 50,000 quota.
What mail-related operation does "read/write" pertain to?
We also use gsuite and Google script to send lots of mails. And also have lots of questions about quotas. The results of my observation is that limits applied with some lag. I can send over limit mails (some amount), before limitation will apply. Amount is vary and bit unpredictable, but almost always if I do sime pause before sending over limit mails - I got quota errors :(
I can't comment, thats why updating answer. Just try to add few mails into bcc :) and check metrics
I am looking for an API that would allow me to do the following: given a business subscription for Office365 and Admin level access, I would like to receive events about file and folder changes.
Example events I am interested it:
Billy uploaded a cat1.jpg to /drives/123/cats on %datetime%
Sally created a file.txt in /drives/123/work_in_progress on %datetime%
Jay shared a data.csv in /drives/123/data with bob#example.com on %datetime%
I've looked at activities API and webhooks subscription but not sure if these are the right ones for the purpuses.
Can someone please suggest APIs I can use to get such audit trail data from Office365/OneDrive?
Depending on the scale, Webhooks and Deltas are excellent candidates for this.
Where you'll likely run into challenges is if you're attempting to centrally audit across an entire organization. These endpoints are scoped to a single user/directory/drive/etc. so they are less than ideal for organization-wide auditing.
For broader/top-level auditing, I would instead look at the Office 365 Management Activity API. This API includes the ability to audit SharePoint File Operations.
I want to monitor employees interactions inside companies. In the case the company is using Gmail, I was thinking about using https://developers.google.com/admin-sdk/email-audit/.
But i still have some questions regarding the "lawful" purpose and I'm wondering if Email Audit is the right API if my purpose is to monitor in real-time emails knowing there will be at least 10 000 emails/day to monitor.
If you check the Usage Limits and Quotas:
Limits and quotas protect the Google infrastructure from an automated process that uses the Email Audit API in an inappropriate way. Excessive requests from an API might result from a harmless typo, or may result from an inefficiently designed system that makes needless API calls. Regardless of the cause, blocking traffic from a specific source once it reaches a certain level is necessary for the overall health of the Google Apps system. It ensures that one developer's actions cannot negatively impact the larger community.
To answer you question, if your goals falls under this description - Google Apps Email Audit API Developer's Guide:
The Google Apps Email Audit API allows Google Apps administrators to audit a user's email, email drafts, and archived chats. In addition, a domain administrator can retrieve account login information and download a user's mailbox. This API can be used only for lawful purposes in accordance with your Customer Agreement.
Then the answer would be yes, it is the appropriate API to use. If you are thinking about the 10000 emails/day, you might want to check if it is reasonable to ask for quota increase.
Hope this helps!
We've written an application to replace a third party tool to download and print jobs through Google Cloud Print. For new customers this will work well. We create the printer in the cloud and download jobs. It works. Customers up and running with the third party tool are using a printer created with that tool. I thought I'd be able to access that printer's jobs by getting the user to go through oauth authentication to give our application the permission to manage the user's printers. However, having done this and all seeming to work when I fetch jobs from that printer the response is that there are no jobs. But there is a job. Is this behaviour to be expected. Is there any way around this? We'd just like to avoid our customers having to create new printers.
The question is a little unclear; feel free to edit your question and I'll edit this answer.
Being able to manage jobs is not the same as being able to download jobs. Each printer belongs to a user, and each has a robot account. Only those two accounts (I believe) can download the job ticket and payload.
After a job is marked as completed (through the /control API), the payload is deleted.
A third user account that can manage jobs is allowed to view information about the job, as well as cancel/delete the job, but can't (I believe) download the job payload.