This topic describes how to enable the log shipping feature in the ActionTrail console. After you enable the log shipping feature, you can ship operations logs of cloud services from ActionTrail to Log Service.
PrerequisitesActionTrail is authorized to use the AliyunActionTrailDefaultRole role to ship logs to Log Service.
You can go to the Cloud Resource Access Authorization page to complete the authorization. This operation is required only when you enable the log shipping feature for the first time. You must complete the authorization by using your Alibaba Cloud account.
Warning To ensure that operations logs can be shipped to Log Service, do not revoke permissions from the AliyunActionTrailDefaultRole role or delete the AliyunActionTrailDefaultRole role.
Important Before you can use a RAM user to enable the log shipping feature, you must grant the required permissions to the RAM user. For more information, see Authorize a RAM user to use the access log feature.
- Log on to the ActionTrail console.
- In the left-side navigation pane, choose .
- On the Create Trail page, set the required parameters.For more information about how to set the parameters, see Create a single-account trail.
- Configure basic trail settings and click Next.
- Configure event delivery settings and click Next.The following table describes the parameters that you can use to ship operations logs to Log Service.
Parameter Description Delivery to Log Service Select Delivery to Log Service to ship logs to Log Service.
You can select New Log Service Project or Existing Log Service Project based on your business requirements.
Logstore Region The region where the Logstore resides. Project Name The name of the project. You can select an existing project or create a project.
- Confirm the configurations and click Submit.