Security Center: Export logs

Last Updated: Jul 21, 2023

The log analysis feature of Security Center allows you to export logs to your computer so that you can analyze them and troubleshoot issues more conveniently. This topic describes how to export logs.

Procedure

  1. Log on to the Security Center console. In the top navigation bar, select the region of the asset that you want to manage. The following regions are supported: China and Outside China.

  2. In the left-side navigation pane, choose Detection and Response > Log Analysis.

  3. On the page that appears, select a log type from the drop-down list in the upper-left corner and query logs based on your business requirements. For more information about how to query logs, see Use custom log query and analysis.

  4. On the Raw Logs tab, click the download icon and select Download Log.

  5. In the Log Download dialog box, configure parameters and download logs.

    Security Center allows you to download logs by using one of the following methods:

    • Direct download: Configure parameters and click OK to download logs.

      This method allows you to download a maximum of 20 million logs that are returned for standard query statements. If you want to download more than 20 million logs, use another method.

      1. In the Log Download dialog box, configure the following parameters and click OK.

        | Parameter | Description |
        |---|---|
        | Time Range | The time range to query logs. |
        | Query Statement | The statement to query logs. |
        | Task Name | The name of the download task. |
        | Log Quantity | The number of logs that you want to download. All Logs: All logs that are queried are downloaded. Custom Log Quantity: A specified number of logs are downloaded. You can specify the number based on your business requirements. |
        | Data Format | The file format to save the downloaded logs. |
        | Quote | The quote that is used to enclose strings in a quote function. |
        | Download Inaccurate Results | Specifies whether to download inaccurate results. |
        | Compression Method | The method that is used to compress logs. |
        | Sorting Rule | The rule that is used to sort logs. |

      2. On the Raw Logs tab, click the download icon and select History.

      3. In the Log Export History dialog box, view the status of the download task. If the task enters the Successful state, click Download.

        After the download, the log file is saved in the default download directory of your browser.

    • Download with Cloud Shell: You can use Cloud Shell to download all logs that are queried. After the download is complete, the logs are saved to a TXT file.

      In the Log Download dialog box, click Download with Cloud Shell and complete the download as prompted.

      Note: The Cloud Shell server resides in the China (Shanghai) region. If you download logs from a Logstore that does not reside in the China (Shanghai) region, you are charged for data transfer over the Internet. You can click Price Details to learn more about the pricing of data transfer.

    • Download with CLI: You can use a CLI to download logs. If you use this method, you must obtain the AccessKey ID and AccessKey secret of the current user.

      1. In the Log Download dialog box, click Download with CLI and install the CLI.

      2. Click Security information management to obtain the AccessKey ID and AccessKey secret of the current user.

      3. Click Copy Command and replace the values of the AccessKeyId and AccessKeySecret parameters in the CLI with the AccessKey ID and AccessKey secret of the current user.

        If the server on which the CLI is installed resides in the region of the Logstore whose logs you want to download, we recommend that you use an internal endpoint. If you use an internal endpoint, you can download logs at a higher speed. In addition, you are not charged for Internet bandwidth resources. You can click Switch to Internal Endpoint to switch to the internal endpoint.

      4. Run the command in the CLI.