All Products
Search

This Product

    HTTPDNS:Parse Logs

    Document Center

    HTTPDNS:Parse Logs

    Last Updated:Mar 20, 2026

    This topic describes how to enable log parsing and forward the parsed logs to your Alibaba Cloud Simple Log Service (SLS) instance. This enables long-term log storage, multidimensional log analysis, and compliance with audit requirements.

    Configure permissions for RAM users

    Important

    If you use a RAM user, that user cannot enable log parsing by default. The root account must first grant the required permissions.

    Grant permissions

    1. Log on to the RAM console. In the left navigation pane, choose Identity Management > Users, and locate the RAM user.image

    2. Click Add Permissions. Then grant the following permissions:

      • AliyunHTTPDNSFullAccess (full HTTPDNS operations)

      • AliyunLogFullAccess (full SLS permissions)

      • AliyunRAMFullAccess (required for role-based authorization)

    3. After you save the settings, the RAM user can enable log parsing.

    Navigate to the page

    1. Log on to the or the EMAS console.

    2. In the left navigation pane, choose Operation Center > DNS Logs.image

    Enable and start parse logs

    Step 1: Enable Simple Log Service (SLS)

    If your Alibaba Cloud account has not yet enabled SLS, you must enable it before you can use log parsing.

    On the Parse Logs page, click Enable Now. On the Simple Log Service page, read and select Simple Log Service Agreement. Then click Enable Now. After SLS is enabled, return to the Parse Logs tab.

    Note

    If your Alibaba Cloud account already has SLS enabled, skip this step.

    Step 2: Complete role-based authorization

    If you have not yet completed role-based authorization, do so before using log parsing.

    On the Parse Logs page, if no authorization has been performed, a prompt appears automatically. Click Authorize Now. You are redirected to the quick authorization page in the Resource Access Management console. Review the authorization details and click Confirm Authorization to complete the role grant.

    Note

    If your Alibaba Cloud account has already completed role-based authorization, skip this step.

    Step 3: Start parse logs

    On the Parse Logs page, click Start Delivery and confirm.

    Note

    After you start log parsing, HTTPDNS parse logs are stored in SLS. You can view and analyze the logs. SLS charges apply. For details, see and Billing items for pay-as-you-go features.

    View forwarded logs

    1. After you enable this feature, the system collects and forwards DNS logs to SLS in real time. You can view the detailed log content in the console.image

    Field name

    Description

    Example value

    status

    Request status. success means an IP address was resolved. failed means no IP address was resolved. For possible causes, see the error_code field.

    success

    error_code

    Error code. none means resolution succeeded or the error is unknown. For error code meanings, see 6.2 Response codes and 6.3 No-IP response codes.

    none

    http_scheme

    Protocol type used for the HTTPDNS request. Values include HTTP, HTTPS, and DOH.

    DOH

    domain

    Target domain name for resolution.

    www.aliyun.com

    client_ip

    Client IP address passed to the authoritative DNS server. By default, this is the public outbound IP of the client device.

    106.11.XX.XXX

    ips

    List of resolved IP addresses returned by HTTPDNS. Multiple IPs are comma-separated.

    3.33.XXX.190,15.197.XXX.33

    cost

    Time taken by the server to process the resolution request.

    457ms

    encryption

    Content encryption method used for the resolution request parameters. This does not include transport-layer encryption such as HTTPS. plain means plaintext. aes means ciphertext.

    plain

    os

    Client operating system type. Examples include Android, iOS, and HarmonyOS. Custom requests or unknown systems show Unknown.

    Unknown

    query

    DNS query type. Common values include A (IPv4), AAAA (IPv6), and HTTPS (SVCB).

    A

    remote_ip

    Public outbound IP address seen by the HTTPDNS server.

    106.11.63.180

    sdk_version

    HTTPDNS SDK version number. For requests without the SDK, this field shows none.

    none

    sid

    Session ID from the SDK. A new ID is generated each time the app restarts. For requests without the SDK, this field shows none.

    none

    signed

    Whether signature verification was performed on the request. true means verification was performed. false means it was not.

    false

    time

    Time when the server finished processing the request.

    2025-10-27 15:21:51

    account_id

    ID of the HTTPDNS account.

    139450

    user_agent

    User-Agent string from the client.

    Curl

    Stop parse logs

    1. To stop parsing logs, you can click the Close button.image

    2. The system displays a confirmation dialog box to confirm the shutdown.image

    FAQ

    The UI displays the "The index is not enabled for the Logstore" messageimage

    • Reason: Index initialization may be delayed after you create a project for the first time. This is normal.

    • Solution: Wait a few minutes and refresh the page. No manual action is needed.

    project xxx has been forbidden

    image

    • Reason: The corresponding SLS project was deleted and moved to the recycle bin.

    • Solution: Log on to the Simple Log Service console, go to the recycle bin, find the deleted Project, and perform a recovery operation.image

    Project does not exist

    image

    • Reason: Project configuration failed or project creation failed.

    • Solution: On the DNS Logs page, click Close and then click Enable again.image