This topic describes how to enable the inner-ActionTrail feature and collect operations logs of cloud services by using the Log Service console.

Prerequisites

  • You are authorized to use the inner-ActionTrail feature.
  • ActionTrail is authorized to ues the AliyunActionTrailDefaultRole role to ship logs to Log Service.
    You can go to the Cloud Resource Access Authorization page to complete the authorization. This operation is required only when you enable the inner-ActionTrail feature for the first time. You must complete the authorization by using your Alibaba Cloud account.
    Warning To ensure that operations logs can be shipped to Log Service, do not revoke permissions from the AliyunActionTrailDefaultRole role or delete the AliyunActionTrailDefaultRole role.
  • A project and a Logstore are created. For more information, see Quick start.

Procedure

Important Before you can use a RAM user to enable the inner-ActionTrail feature, you must grant the required permissions to the RAM user. For more information, see Authorize a RAM user to use the access log feature.
  1. Log on to the Log Service console.
  2. In the Import Data section, click the Platform Operation Log (Inner-ActionTrail) card.

    You can also log on to the ActionTrail console. On the page that appears, choose Inner-ActionTrail > Trails. On the Create Trail page, set the parameters to ship operations logs to Log Service.

    Important
    • If you enable the inner-ActionTrail feature in the ActionTrail console, Log Service creates a dedicated Logstore named innertrail_Trail Name.
    • If you enable the inner-ActionTrail feature in the Log Service console, the settings that you configure in the Log Service console are not synchronized to the ActionTrail console. If you enable the inner-ActionTrail feature in the Log Service console and create a trail in the ActionTrail console, the settings that you configure in the ActionTrail console overwrite the settings that you configure in the Log Service console.
    • If you cannot find the Platform Operation Log (Inner-ActionTrail) card in the Import Data section or Inner-ActionTrail > Trails in the ActionTrail console, submit a ticket or contact technical support.
  3. Select the project and Logstore. Then, click Next.
  4. In the Specify Data Source step, click Next.
    Import data
    Important
    • All operations logs are shipped to only one Logstore.
    • You can disable the inner-ActionTrail feature in the Specify Data Source step.
    • You can disable the inner-ActionTrail feature by choosing Inner-ActionTrail > Trails in the ActionTrail console.
    • After you disable the inner-ActionTrail feature, new logs are not shipped to the dedicated Logstore. The logs that have been shipped to the dedicated Logstore are automatically deleted after the retention period expires.
  5. In the Configure Query and Analysis step, click Next.
    The indexing feature is automatically enabled for the dedicated Logstore and indexes are created for the data in the Logstore.

What to do next

After operations logs are shipped to Log Service, you can query, analyze, download, ship, and transform the logs. You can also configure alerts for the logs. For more information, see Common operations on logs of Alibaba Cloud services.