- Log on to the ActionTrail console.
- Click Trail list in the left-side navigation pane.
- Select a region, then click Create Trail.
The selected region then becomes the home region of the trail.
- Enter a Trail name.
- You can choose to ship audit events to Log Service or an OSS Bucket.
Note Select an event type based on your business needs.
- Log Service: select a Log Service project region and enter a Log Service project name.
- OSS Bucket: To create a new OSS bucket, select Yes, and enter a bucket name. To use an existing bucket, select No, and select a bucket from the drop-down OSS Bucket list.
- Click Submit.
If this is the first trail you create, the system prompts a message indicating that you must authorize ActionTrail to access OSS and Log Service.
- Log Service: ActionTrail automatically creates a Logstore named
actiontrail_trail name, index, and chart, and saves the trail event in JSON format.
For more information, see ActionTrail access log.
- OSS Bucket: ActionTrail records are saved to an OSS bucket as logs in a compressed JSON file.
The maximum file size is 2 KB. You can further analyze the logs using E-MapReduce
or a third-party log analysis service.
The format of OSS storage path:
oss://<bucket>/<Log file prefix>/AliyunLogs/Actiontrail/<region>/<YYYY>/<MM>/<DD>/<Log file>