All Products
Search

This Product

    ApsaraDB for ClickHouse:Event logs in ActionTrail

    Document Center

    ApsaraDB for ClickHouse:Event logs in ActionTrail

    Last Updated:Apr 06, 2023

    ApsaraDB for ClickHouse works together with ActionTrail to allow you to query user behavior logs in ActionTrail and deliver the logs to a Logstore in Log Service or an Object Storage Service (OSS) bucket. This way, you can audit logs in real time and backtrace and analyze issues based on the logs. This topic describes how to query event logs of an ApsaraDB for ClickHouse cluster in the ActionTrail console.

    Background information

    ActionTrail monitors and records the operations logs of an Alibaba Cloud account. ActionTrail collects the following events for an ApsaraDB for ClickHouse cluster:

    Limits

    • In the ActionTrail console, you can query only the events delivered by single-account trails. You can perform queries at most twice per second. You cannot query the events delivered by multi-account trails in the ActionTrail console. You can query such events in the corresponding Object Storage Service (OSS) bucket or Log Service Logstore. For more information, see Create a multi-account trail.
    • You can use the event query feature to query only the events that occurred in the current region in the last 90 days.
      • To query the events that occurred in the current region 90 days ago, you must create a single-account trail to deliver the events to OSS or Log Service. Otherwise, you cannot query the events that were generated more than 90 days ago. For more information, see Create a single-account trail.
      • To query the events that occurred in multiple regions 90 days ago or filter and query events based on multiple conditions, you can use the advanced event query feature. For more information, see Perform custom event queries.
    • After an event occurs within your Alibaba Cloud account, you must wait 10 minutes before you can query the event in the ActionTrail console.

    Usage notes

    • ActionTrail is automatically activated. If your Alibaba Cloud account has completed real-name verification and has no overdue payment, you can use the account to log on to the ActionTrail console.

    • If you use ActionTrail to create a trail and deliver events to an Object Storage Service (OSS) bucket or a Log Service Logstore, you are charged based on the billing policies of the service involved.

    For more information, see Billing.

    Query event logs in ActionTrail

    1. Log on to the ActionTrail console.

    2. In the left-side navigation pane, click Query.
    3. In the top navigation bar, select the region where the event that you want to query occurred from the drop-down list.

    4. On the Event Detail Query page, move the pointer over the name of the desired event and view the event details.

      Note

      On the Event Detail Query page, you can search for events by Read/Write type, Username, Event Name, Resource Type, Resource Name, Service Name, or AccessKeyId.

    5. Optional. To view the details of an event, click the plus sign (+) to the left side of the event and click Event Detail.

      The following sample code shows the details of an event for an ApsaraDB for ClickHouse cluster:

      {
  "ApiVersion": "2019-11-11",
  "RequestId": "76BEA6CF-****-****-****-12393F559EFF",
  "EventType": "ApiCall",
  "UserIdentity": {
    "Type": "ram-user",
    "InvokedBy": "",
    "AccountId": "",
    "UserName": "",
    "PrincipalId": "20**************95",
    "AccessKeyId": "TMP.**********4K99m",
    "Arn": ""
  },
  "AcsRegion": "cn-shenzhen",
  "EventName": "CreateAccountAndAuthority",
  "IsBlack": false,
  "RequestParameters": {
    "AcsHost": "clickhouse-share.aliyuncs.com",
    "RequestId": "76BEA6CF-****-****-****-12393F559EFF",
    "DBClusterId": "cc-2z*********7q",
    "HostId": "clickhouse-share.aliyuncs.com",
    "AllowDatabases": "sh*****g",
    "AccountPassword": "***************",
    "DdlAuthority": true,
    "DmlAuthority": "all",
    "AcsProduct": "clickhouse",
    "TotalDatabases": "de***lt,sh***g",
    "TotalDictionaries": "",
    "AllowDictionaries": "",
    "AcceptLanguage": "zh-CN",
    " charset": "UTF-8",
    "AccountName": "root"
  },
  "EventSource": "clickhouse-share.aliyuncs.com",
  "ServiceName": "ClickHouse",
  "EventTime": "2021-06-08T08:28:57.497+0000",
  "ReferencedResources": {},
  "UserAgent": "clickhouse.console.aliyun.com",
  "EventId": "76BEA6CF-****-****-****-12393F559EFF",
  "ResponseElements": {
    "RequestId": "76BEA6CF-****-****-****-12393F559EFF"
  },
  "ErrorCode": "",
  "ErrorMessage": "",
  "EventVersion": "",
  "SourceIpAddress": "11*.*.*.*7"
}

    Related operations

    You can deliver event logs collected by ActionTrail to Log Service or OSS. For more information, see Query events in the Log Service or OSS console.

    Important

    You are charged for delivering event logs. For more information, see Billing.

    Events on the buy page

    ActionTrail records the following events for an ApsaraDB for ClickHouse cluster.

    Event type

    Event name

    Description

    AliyunServiceEvent

    Create

    Creates a cluster on the buy page.

    AliyunServiceEvent

    Renew

    Renews a cluster on the buy page.

    AliyunServiceEvent

    Release

    Automatically releases subscription resources after the subscription resources expire.

    Events for API calls

    The name of the API call for an ApsaraDB for ClickHouse cluster. For more information, see List of operations by function.