Differences among a single-account trail, a multi-account trail, and a platform event trail - Introduction| Alibaba Cloud Documentation Center

ActionTrail allows you to create a single-account trail, a multi-account trail, or a platform event trail as required.

The following table describes the differences among a single-account trail, a multi-account trail, and a platform event trail.


Item	Single-account trail	Multi-account trail	Platform event trail
Scenario	An individual user can create a single-account trail to deliver events to a Log Service Logstore or an Object Storage Service (OSS) bucket. An individual user can create multiple single-account trails to achieve the following goals: Assume different roles to audit different types of events. Manage the audit data for multiple regions in a compliant manner. Create multiple replicas for an event log.	After an enterprise creates a resource directory, the master account can create a multi-account trail to deliver events of all member accounts in the resource directory to a Log Service Logstore or an OSS bucket.	An individual user can create a platform event trail to deliver events that are generated when the Alibaba Cloud O&M team maintains services for users to a Log Service Logstore.
Enabling method	Each Alibaba Cloud account can create single-account trails.	After an enterprise creates a resource directory and establishes an organizational structure in the resource directory, the enterprise management account can create a multi-account trail in the ActionTrail console.	Submit a ticket or ask your sales manager to add you to the whitelist of users who can create a platform event trail.
Supported Alibaba Cloud services	Alibaba Cloud services that support ActionTrail	Alibaba Cloud services that support ActionTrail	OSS, Elastic Compute Service (ECS), ApsaraDB RDS, Container Service for Kubernetes (ACK), Container Registry (ACR), and E-MapReduce
Account allowed to create trails	Alibaba Cloud account	Enterprise management account	Alibaba Cloud account
Types of events to be delivered	Events that are generated when an individual user uses the Alibaba Cloud Management Console, API operations, or developer tools to access and manage Alibaba Cloud services.	Events that are generated when an enterprise user uses the Alibaba Cloud Management Console, API operations, or developer tools to access and manage Alibaba Cloud services.	Events that are generated when the Alibaba Cloud O&M team maintains services for users.
Scope of events to be delivered	Events of the current account	Events of all member accounts	Platform events of the current account
Storage service for delivered events	Log Service OSS	Log Service OSS	Log Service
Query method	ActionTrail console `LookupEvents` operation OSS console Log Service console	Enterprise management account: ActionTrail console `LookupEvents` operation Member account: OSS console Log Service console	ActionTrail console Log Service console
Maximum number of trails allowed	Five in each region	One in each region	One for all regions
Storage path in an OSS bucket	`oss://<bucket>/<Log file prefix>/AliyunLogs/Actiontrail/regionid/<YYYY>/<MM>/<DD>/<Log file>`	`oss://<bucket>/<Log file prefix>/AliyunLogs/Actiontrail/rd_id/accountid/regionid/yyyy/mm/dd/Log file`	N/A
Default name of a Log Service Logstore	`actiontrail_Single-account trail name`	`actiontrail_Multi-account trail name`	`innertrail_Platform event trail name`