This topic describes how to enable the log shipping feature in the ActionTrail console. After you enable the log shipping feature, you can ship operations logs of cloud services from ActionTrail to Log Service.

Prerequisites

ActionTrail is authorized to use the AliyunActionTrailDefaultRole role to ship logs to Log Service.
You can go to the Cloud Resource Access Authorization page to complete the authorization. This operation is required only when you enable the log shipping feature for the first time. You must complete the authorization by using your Alibaba Cloud account.
Warning To ensure that operations logs can be shipped to Log Service, do not revoke permissions from the AliyunActionTrailDefaultRole role or delete the AliyunActionTrailDefaultRole role.

Procedure

Important Before you can use a RAM user to enable the log shipping feature, you must grant the required permissions to the RAM user. For more information, see Authorize a RAM user to use the access log feature.
  1. Log on to the ActionTrail console.
  2. In the left-side navigation pane, choose ActionTrail > Trails > Create Trail.
  3. On the Create Trail page, set the required parameters.
    For more information about how to set the parameters, see Create a single-account trail.
    1. Configure basic trail settings and click Next.
    2. Configure event delivery settings and click Next.
      The following table describes the parameters that you can use to ship operations logs to Log Service.
      ParameterDescription
      Delivery to Log ServiceSelect Delivery to Log Service to ship logs to Log Service.

      You can select New Log Service Project or Existing Log Service Project based on your business requirements.

      Logstore RegionThe region where the Logstore resides.
      Project NameThe name of the project. You can select an existing project or create a project.
    3. Confirm the configurations and click Submit.

What to do next

After operations logs of cloud services are shipped from ActionTrail to Log Service, you can query, analyze, download, ship, and transform the logs. You can also configure alerts for the logs. For more information, see Common operations on logs of Alibaba Cloud services.