OSS can automatically save server access logs. A bucket owner can log on to the OSS console and enable server access logging for any of the owner's buckets.

When access logging is enabled for a bucket (the source bucket), OSS generates an object every hour containing the access request logs of that bucket and writes the object to the user-designated bucket (the target bucket) according to fixed naming rules.

Object naming rules for access logging

<TargetPrefix><SourceBucket>YYYY-mm-DD-HH-MM-SS-UniqueString

In the naming rules, TargetPrefix is specified by the user; YYYY, mm, DD, HH, MM, and SS give the year, month, day, hour, minutes, and seconds of the creation time in Arabic numerals (note the number of digits in each); and UniqueString is a string generated by the OSS system. The following is an example of the name of an object actually used to store OSS access logs:

MyLog-oss-example2012-09-10-04-00-00-0000

In the preceding example, "MyLog-" is the object prefix specified by the user; "oss-example" is the name of the source bucket; "2012-09-10-04-00-00" is the object creation time (Beijing time); and "0000" is the string generated by the OSS system.

Log file format

Fields are separated by spaces and appear in the following order from left to right:

| Name | Example | Description |
|------|---------|-------------|
| Remote IP | 119.140.142.11 | IP address from which the request is initiated (a proxy or the user's firewall may mask this field) |
| Reserved | - | Reserved field |
| Reserved | - | Reserved field |
| Time | [02/May/2012:00:00:04 +0800] | Time when the OSS receives the request |
| Request-URI | GET /aliyun-logo.png HTTP/1.1 | URI requested by the user (including the query-string) |
| HTTP Status | 200 | HTTP status code returned by the OSS |
| SentBytes | 5576 | Traffic that the user downloads from the OSS |
| RequestTime (ms) | 71 | Time spent in completing this request (in ms) |
| Referer | http://www.aliyun.com/product/oss | HTTP Referer of the request |
| User-Agent | curl/7.15.5 | HTTP User-Agent header |
| HostName | oss-example.oss-cn-hangzhou.aliyuncs.com | Domain name for access request |
| Request ID | 505B01695037C2AF032593A4 | UUID used to uniquely identify this request |
| LoggingFlag | true | Whether the access logging function is enabled |
| Requester Aliyun ID | 1657136103983691 | Alibaba Cloud ID of the requester, "-" for anonymous access |
| Operation | GetObject | Request type |
| Bucket | oss-example | Name of the bucket requested for access |
| Key | /aliyun-logo.png | Key requested by the user |
| ObjectSize | 5576 | Object size |
| Server Cost Time (ms) | 17 | Time taken by the OSS server to process this request (in ms) |
| Error Code | NoSuchBucket | Error code returned by the OSS |
| Request Length | 302 | Length of user request (byte) |
| UserID | 1657136103983691 | ID of the bucket owner |
| Delta DataSize | 280 | Bucket size variation, "-" for no change |
| Sync Request | - | Whether this is an origin retrieval request from CDN, "-" for no |
| Reserved | - | Reserved field |

Detail analysis

  • The source bucket and target bucket must belong to the same region of the same user.
  • TargetPrefix indicates the name prefix of the object used for storing access logs. The field can be left blank.
  • The source bucket and target bucket can be the same or different buckets (but must be both in the same region). You can save logs from multiple source buckets to the same target bucket (in this case, we recommend that you assign different values to TargetPrefix).
  • The OSS generates a bucket access log file every hour. However, not every request made in a given hour is guaranteed to appear in that hour's log file; some requests may be recorded in the previous or next log file.
  • In the naming rules for log files generated by the OSS, "UniqueString" is only a UUID that the OSS generates for an object to uniquely identify the file.
  • Each time the OSS generates a bucket access log file, this is considered a PUT operation and the occupied space is recorded, but the generated traffic is not recorded. After log files are generated, you can manage them like ordinary objects.
  • The OSS ignores all query-string parameters prefixed by "x-", but such query-string parameters are recorded in access logs. If you want to mark particular requests so that they can be found among a large volume of access logs, you can add a query-string parameter prefixed by "x-" to the URL. For example:

    http://oss-example.oss-cn-hangzhou.aliyuncs.com/aliyun-logo.png

    http://oss-example.oss-cn-hangzhou.aliyuncs.com/aliyun-logo.png?x-user=admin

    When the OSS processes the preceding two requests, the results are the same. However, you can search access logs for "x-user=admin" to quickly locate the marked request.

  • You may see "-" in any field of OSS logs. It indicates that data is unknown or the field is invalid for the current request.
  • Additional fields may be appended to the end of OSS log lines in the future as requirements change. We recommend that developers take this compatibility issue into consideration when developing log processing tools.
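The following parser is an added example, not part of the original documentation or any Alibaba Cloud tool. It applies the notes above: "-" is read as unknown, fields appended after the documented 25 are tolerated, and "x-" query-string markers are extracted from Request-URI. It assumes that multi-word fields are wrapped in double quotes or square brackets; the dictionary key names and the sample lines are constructed from the example values in the table.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Field order follows the "Log file format" table on this page.
FIELDS = [
    "remote_ip", "reserved_1", "reserved_2", "time", "request_uri",
    "http_status", "sent_bytes", "request_time_ms", "referer", "user_agent",
    "host_name", "request_id", "logging_flag", "requester_id", "operation",
    "bucket", "key", "object_size", "server_cost_time_ms", "error_code",
    "request_length", "user_id", "delta_data_size", "sync_request", "reserved_3",
]
# Assumption: multi-word fields arrive wrapped in [...] or "...".
TOKEN = re.compile(r'\[([^\]]*)\]|"([^"]*)"|(\S+)')

def parse_line(line):
    """Split one log line into named fields; '-' becomes None."""
    tokens = [a or b or c for a, b, c in TOKEN.findall(line)]
    if len(tokens) < len(FIELDS):
        raise ValueError(f"expected at least {len(FIELDS)} fields, got {len(tokens)}")
    rec = {n: (None if t == "-" else t) for n, t in zip(FIELDS, tokens)}
    rec["extra"] = tokens[len(FIELDS):]  # tolerate fields appended in the future
    return rec

def x_markers(rec):
    """Return the "x-" query-string parameters recorded in Request-URI."""
    parts = (rec["request_uri"] or "").split()
    if len(parts) < 2:
        return {}
    query = urlsplit(parts[1]).query
    return {k: v for k, v in parse_qsl(query, keep_blank_values=True)
            if k.startswith("x-")}

# Constructed sample lines built from the example values in the table.
_TAIL = ('"curl/7.15.5" "oss-example.oss-cn-hangzhou.aliyuncs.com" '
         '"505B01695037C2AF032593A4" "true" {req} "GetObject" "oss-example" '
         '"/aliyun-logo.png" 5576 17 "-" 302 "1657136103983691" - "-" "-"')
SAMPLE = [
    '119.140.142.11 - - [02/May/2012:00:00:04 +0800] '
    '"GET /aliyun-logo.png?x-user=admin HTTP/1.1" 200 5576 71 '
    '"http://www.aliyun.com/product/oss" '
    + _TAIL.format(req='"1657136103983691"') + ' "future-field"',
    '119.140.142.11 - - [02/May/2012:00:00:05 +0800] '
    '"GET /aliyun-logo.png HTTP/1.1" 200 5576 71 "-" '
    + _TAIL.format(req='"-"'),
]

if __name__ == "__main__":
    for rec in map(parse_line, SAMPLE):
        who = rec["requester_id"] or "anonymous"
        print(rec["time"], who, rec["operation"], rec["key"], x_markers(rec))
```

Because the first 25 fields are mapped by position and the rest are collected under "extra", the parser keeps working when new fields are appended to the log lines.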

Reference