You can call this operation to create a trail.

You can determine whether to deliver log data to a Log Service Logstore (recommended) or an OSS bucket based on business requirements.

Request parameters

Name Type Required Example Description
Action String Yes CreateTrail The operation that you want to perform. Set the value to CreateTrail.
RegionId String Yes cn-hangzhou The ID of the region where the instance is located. For more information about the latest list of Alibaba Cloud regions, see DescribeRegions.
Name String Yes trail-test The name of the trail to be created, which must be unique for an account.
EventRW String No Write Indicates whether the event is a read or a write event. Valid values: Read, Write, and All. Default value: Write.
OssBucketName String Yes yuanchuang The OSS bucket to which the trail delivers logs. Ensure that this is an existing OSS bucket.
RoleName String Yes aliyunactiontraildefaultrole The RAM role in ActionTrail permitted by the user.
OssKeyPrefix String No at-product-account-audit-B The prefix of the specified OSS bucket name. This parameter can be left empty.
SlsProjectArn String No acs:log:cn-shanghai::project/*** The unique ARN of the Log Service project.
SlsWriteRoleArn String No acs:ram::***:role/aliyunactiontraildefaultrole The unique ARN of the Log Service role.

Response parameters

Name Type Example Description
Name String trail-test The name of the trail.
EventRW String Write Indicates whether the event is a read or a write event. Valid values: Read, Write, and All. Default value: Write.
HomeRegion String cn-hangzhou The home region of the trail.
OssBucketName String yuanchuang The name of the specified OSS bucket.
OssKeyPrefix String at-product-account-audit-B The prefix of the specified OSS bucket name.
RoleName String aliyunactiontraildefaultrole The RAM role in ActionTrail permitted by the user.
SlsProjectArn String acs:log:cn-shanghai::project/*** The unique ARN of the Log Service project.
SlsWriteRoleArn String acs:ram::***:role/aliyunactiontraildefaultrole The unique ARN of the Log Service role.
RequestId String 145318BE-DEE1-4C57-AA7C-5BE7D34A6AE0 The ID of the request.

Examples

Sample requests

http://actiontrail.cn-hangzhou.aliyuncs.com/?
Action=CreateTrail
&RegionId=cn-hangzhou
&Name=trail-test
&OssBucketName=yuanchuang
&RoleName=aliyunactiontraildefaultrole
&OssKeyPrefix=
&<Common request parameters>

Sample responses

JSON format

{
  "Name": "trail-test",
  "HomeRegion": "cn-hangzhou",
  "OssBucketName": "yuanchuang",
  "OssKeyPrefix": "at-product-account-audit-B",
  "RoleName": "aliyunactiontraildefaultrole",
  "SlsProjectArn":"acs:log:cn-shanghai::project/***",
  "SlsWriteRoleArn":"acs:ram::***:role/aliyunactiontraildefaultrole"
}

Error codes

Error code Description HTTP status code
InvalidBucketNameException The error message returned when the name of the specified OSS bucket is invalid. 400
InvalidPrefixException The error message returned when the prefix is invalid. 400
InvalidTrailNameException The error message returned when the name of the specified trail is invalid. 400
TrailAlreadyExistsException The error message returned when the specified name already exists or a trail already exists in the region. 400
InsufficientBucketPolicyException The error message returned when you are not authorized to access the specified OSS bucket. 403
MaximumNumberOfTrailsExceededException The error message returned when the maximum number of trails that a user can create in a region is exceeded. 403
BucketDoesNotExistException The error message returned when the specified OSS bucket does not exist. 404