A logging sink is a cloud configuration that sends audit logs, telemetry, or application events to a chosen destination, such as a storage bucket, archive, or analytics system. The sink acts like a routing rule: producers write logs to the logging service, and the service forwards matching data to the configured endpoint.
Logging sinks matter because they turn destination names into security-critical references. If a sink still points to a deleted bucket name, and that name is later claimed by another account, new log data may be delivered to the wrong place. That can expose sensitive records, break audit integrity, or create blind spots in monitoring. Defenders should inventory all sinks, remove stale destinations, and verify that each target remains owned and reachable before relying on it for retention or compliance. In practice, sink review is part of destination integrity: the system must keep sending data to the intended, authorized storage location.



