1. Log on to the ActionTrail console.
  2. Click Trail list in the left-side navigation pane.
  3. Select a region, then click Create Trail.
    Note The selected region then becomes the home region of the trail.
  4. Enter a Trail name.
  5. You can choose to ship audit events to Log Service or an OSS Bucket.
    Note Select an event type based on your business needs.
    • Log Service: select a Log Service project region and enter a Log Service project name.
    • OSS Bucket: To create a new OSS bucket, select Yes, and enter a bucket name. To use an existing bucket, select No, and select a bucket from the drop-down OSS Bucket list.
  6. Click Submit.
    Note If this is the first trail you create, the system prompts a message indicating that you must authorize ActionTrail to access OSS and Log Service.
    Authorized access to OSS


  • Log Service: ActionTrail automatically creates a Logstore named actiontrail_trail name, index, and chart, and saves the trail event in JSON format.


For more information, see ActionTrail access log.

  • OSS Bucket: ActionTrail records are saved to an OSS bucket as logs in a compressed JSON file. The maximum file size is 2 KB. You can further analyze the logs using E-MapReduce or a third-party log analysis service.

The format of OSS storage path:

oss://<bucket>/<Log file prefix>/AliyunLogs/Actiontrail/<region>/<YYYY>/<MM>/<DD>/<Log file>