In that case you need to get parser fixed first. Raise a support case if you have access and share sample logs with them. Parser updates are fairly developed faster with Google support in my experience.

There's some filtering options for GCP.  

--GCP Cloud Audit

OR log_id("cloudaudit.googleapis.com/activity")

OR log_id("cloudaudit.googleapis.com/system_event")

OR log_id("cloudaudit.googleapis.com/policy")

OR log_id("cloudaudit.googleapis.com/data_access")

OR log_id("cloudaudit.googleapis.com/access_transparency")

--GCP Cloud SQL

OR log_id("cloudsql.googleapis.com/mysql-general.log")

OR log_id("cloudsql.googleapis.com/mysql.err")

OR log_id("cloudsql.googleapis.com/postgres.log")

OR log_id("cloudsql.googleapis.com/sqlagent.out")

OR log_id("cloudsql.googleapis.com/sqlserver.err")