All Products
Search
Document Center

Simple Log Service:Manage service logs

Last Updated:Aug 02, 2023

This topic describes how to enable and disable the service log feature and how to modify service log configurations.

Prerequisites

  • A project is created. For more information, see Create a project.

  • The RAM user that you want to use to log on to the Simple Log Service console is granted the required permissions. To grant permissions to a RAM user, you must use an Alibaba Cloud account. For more information, see Grant permissions to a RAM user.

Enable the service log feature

Important
  • The billing method for all Logstores is the same regardless of whether the Logstores contain detailed logs. For more information, see Billable items of pay-by-feature.

  • You are not charged when you import, store, query, and analyze important logs and job operational logs. You are charged for data shipping and data transformation based on the pay-as-you-go billing method.

  • Only the service logs that are generated after you enable the service log feature are recorded.

  1. Log on to the Log Service console.
  2. In the Projects section, click the project that you want to manage.
  3. On the Overview page of the project, click the Service Log tab. On the Service Log tab, click Enable Service Logs.

  4. In the Enable Service Logs panel, set the parameters. The following table describes the parameters.

    Parameter

    Description

    Service Logs

    • Detailed Logs: records logs related to operations that are performed on the resources in your project, including create, modify, delete, read, and write operations. Detailed logs are stored in the internal-operation_log Logstore of a specified project.

    • Important Logs: records the consumption delay logs of consumer groups and Logtail heartbeat logs by Logstore. Important logs are stored in the internal-diagnostic_log Logstore of a specified project.

    • Job Operational Logs: records the failure and delay information about Scheduled SQL jobs and data shipping jobs. Job operational logs are stored in the internal-diagnostic_log Logstore of a specified project.

    Log Storage Location

    • Automatic creation (recommended): Simple Log Service automatically creates a project named log-service-{User ID}-{region} in the same region to store service logs. We recommend that you store all service logs of the same region in this project.

    • Current Project: Simple Log Service stores service logs in the current project.

    • Other projects in the drop-down list: Simple Log Service stores service logs in another project that resides in the same region as the current project. You can specify only the project that resides in the same region as the project for which the service log feature is enabled.

  5. Click OK.

Modify service log configurations

  1. Log on to the Log Service console.
  2. In the Projects section, click the project that you want to manage.
  3. On the Overview page of the project, click the Settings icon on the Service Log tab.

  4. In the Service Logs section of the Modify Service Logs Settings panel, select the log type that you need to record and clear the log type that you do not need to record.

  5. Select a project in which you want to store service logs from the Log Storage Location drop-down list.

    Note
    • We recommend that you select Automatic creation (recommended) to store service logs in the project that is automatically created. The service logs of different projects that reside in the same region can be stored in the same project.

    • After you change the value of Log Storage Location, the service logs that are generated after the change are stored in the new project that you specify. The logs that are stored in the original project are not automatically deleted or migrated to the new project that you specify. If you no longer need the logs in the original project, you can manually delete the original project.

  6. Click OK.

Disable the service log feature

  1. Log on to the Log Service console.
  2. In the Projects section, click the project that you want to manage.
  3. On the Overview page of the project, click the Settings icon on the Service Log tab.

  4. In the Service Logs section of the Modify Service Logs Settings panel, clear all log types that are selected.

  5. Click OK.

    Note

    After you disable the service log feature, Simple Log Service does not delete the service logs that are stored in the specified project. The service logs are deleted when the retention period of the service logs expires. You can also manually delete the project to delete the service logs that you no longer need.

Grant permissions to a RAM user

Before you can use the service log feature as a RAM user, you must use your Alibaba Cloud account to grant the required permissions to the RAM user. For more information about how to grant permissions, see Create a RAM user and authorize the RAM user to access Simple Log Service. The following code shows a sample policy that contains the required permissions:

{
  "Version": "1",
  "Statement": [
    {
      "Action": [
        "log:CreateDashboard",
        "log:UpdateDashboard"
      ],
      "Resource": "acs:log:*:*:project/{The project in which logs are stored}/dashboard/*",
      "Effect": "Allow"
    },
    {
      "Action": [
        "log:GetProject",
        "log:CreateProject",
        "log:ListProject"
      ],
      "Resource": "acs:log:*:*:project/*",
      "Effect": "Allow"
    },
    {
      "Action": [
        "log:List*",
        "log:Create*",
        "log:Get*",
        "log:Update*"
      ],
      "Resource": "acs:log:*:*:project/{The project in which logs are stored}/logstore/*",
      "Effect": "Allow"
    },
    {
      "Action": [
        "log:*"
      ],
      "Resource": "acs:log:*:*:project/{The project for which the service log feature is enabled}/logging",
      "Effect": "Allow"
    }
  ]
}