Stay organized with collectionsSave and categorize content based on your preferences.
On theContinuous exportstab, you can set up logging for Event Threat Detection and
Container Threat Detection findings. Findings are exported to the Cloud Logging
project that you select.
Depending on the quantity of information, Cloud Logging costs can be significant. To understand
your usage of the service and its cost, seeGoogle Cloud Observability pricing.
For information about how to log findings, click the tab for your service tier:
InLogging project, enter or search for the project where you want to log findings.
ClickSave.
When Event Threat Detection and Container Threat Detection write logs, each log entry
includes thethreat_detectorresource type and contains the same information
as findings. For instructions on reviewing logs, seeUsing Event Threat DetectionandUsing Container Threat Detection.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[],[],null,["| Premium and Enterprise [service tiers](/security-command-center/docs/service-tiers) (requires [organization-level activation](/security-command-center/docs/activate-scc-overview#overview_of_organization-level_activation))\n\nOn the **Continuous exports** tab, you can set up logging for Event Threat Detection and\nContainer Threat Detection findings. Findings are exported to the Cloud Logging\nproject that you select.\n\nTo use Cloud Logging export, you must\n[activate Security Command Center at the organization level](/security-command-center/docs/activate-scc-overview#overview_of_organization-level_activation).\n\n\nDepending on the quantity of information, Cloud Logging costs can be significant. To understand\nyour usage of the service and its cost, see\n[Google Cloud Observability pricing](/stackdriver/pricing).\n\nFor information about how to log findings, click the tab for your service tier: \n\nPremium\n\n1. In the Google Cloud console, go to the Security Command Center page. [Go to Security Command Center](https://console.cloud.google.com/security/command-center/config/services)\n2. Select your organization.\n3. Click **settings Settings**.\n4. Click the **Continuous Exports** tab.\n5. In **Export name** , click **Logging Export**.\n6. In **Sinks** , turn on **Log Findings to Logging**.\n7. In **Logging project**, enter or search for the project where you want to log findings.\n8. Click **Save**.\n\nEnterprise\n\n1. In the Google Cloud console, go to the Security Command Center page. [Go to Security Command Center](https://console.cloud.google.com/security/command-center/config/services)\n2. Select your organization.\n3. Click **SCC Settings**.\n4. Click the **Continuous Exports** tab.\n5. In **Export name** , click **Logging Export**.\n6. In **Sinks** , turn on **Log Findings to Logging**.\n7. In **Logging project**, enter or search for the project where you want to log findings.\n8. Click **Save**.\n\nWhen Event Threat Detection and Container Threat Detection write logs, each log entry\nincludes the **threat_detector** resource type and contains the same information\nas findings. For instructions on reviewing logs, see\n[Using Event Threat Detection](/security-command-center/docs/how-to-use-event-threat-detection#findings-logging)\nand\n[Using Container Threat Detection](/security-command-center/docs/how-to-use-container-threat-detection#findings-logging)."]]
Log Findings to Logging