A few minutes after the error cause is removed, the trail status will change to
Active. All audit logs will be uploaded to the destination object.
Object Storage bucket
- Make sure the service account used by the trail to upload audit logs to the bucket is assigned the
storage.uploaderor a higher role.
- Check the bucket access control list (ACL) and bucket policy and make sure they contain no rules that disable the service account to write data to the bucket.
Check the bucket specified in the trail settings. If the bucket was deleted:
Create a new bucket with the same name as that specified in the trail settings.
You can also change the trail settings by specifying a different bucket under Destination.
UNKNOWN or INTERNAL_ERROR
Contact support for additional information and recommendations.