Object Storage Service (OSS) generates access logs to record access to resources stored in OSS buckets. After you enable and configure logging for a bucket, OSS generates access logs every hour based on predefined naming rules and then stores the logs in a specific bucket.
Usage notes
In this topic, the public endpoint of the China (Hangzhou) region is used. If you want to access OSS from other Alibaba Cloud services in the same region as OSS, use an internal endpoint. For more information about OSS regions and endpoints, see Regions and endpoints.
In this topic, an OSSClient instance is created by using an OSS endpoint. If you want to create an OSSClient instance by using custom domain names or Security Token Service (STS), see Initialization.
To enable log storage, you must have the
oss:PutBucketLoggingpermission. To view a log storage configuration, you must have theoss:GetBucketLoggingpermission. To disable log storage, you must have theoss:DeleteBucketLoggingpermission. For more information, see Grant custom access policies to RAM users.
Enable logging for a bucket
The following sample code provides an example on how to enable logging for a bucket:
using Aliyun.OSS;
using Aliyun.OSS.Common;
// Set the Endpoint. This example uses https://oss-cn-hangzhou.aliyuncs.com, the public Endpoint for the China (Hangzhou) region. For other regions, set the Endpoint to the actual value.
var endpoint = "https://oss-cn-hangzhou.aliyuncs.com";
// Obtain access credentials from environment variables. Before you run this sample code, make sure that the OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET environment variables are configured.
var accessKeyId = Environment.GetEnvironmentVariable("OSS_ACCESS_KEY_ID");
var accessKeySecret = Environment.GetEnvironmentVariable("OSS_ACCESS_KEY_SECRET");
// Set the name of the bucket for which to enable log storage, for example, examplebucket.
var bucketName = "examplebucket";
// Set the destination bucket to store the log files. The destination bucket can be the same as or different from the source bucket.
var targetBucketName = "destbucket";
// Set the region where the bucket is located. This example uses cn-hangzhou, which is the ID of the China (Hangzhou) region.
const string region = "cn-hangzhou";
// Create a ClientConfiguration instance and modify the default parameters as needed.
var conf = new ClientConfiguration();
// Use Signature Version 4.
conf.SignatureVersion = SignatureVersion.V4;
// Create an OssClient instance.
var client = new OssClient(endpoint, accessKeyId, accessKeySecret, conf);
client.SetRegion(region);
try
{
// Set the folder where the log files are stored to log/. If you specify this folder, the log files are saved to the specified folder in the destination bucket. If you do not specify this folder, the log files are saved to the root directory of the destination bucket.
var request = new SetBucketLoggingRequest(bucketName, targetBucketName, "log/");
// Enable the log storage feature.
client.SetBucketLogging(request);
Console.WriteLine("Set bucket:{0} Logging succeeded ", bucketName);
}
catch (OssException ex)
{
Console.WriteLine("Failed with error code: {0}. Error message: {1}. \nRequestID:{2}\tHostID:{3}",
ex.ErrorCode, ex.Message, ex.RequestId, ex.HostId);
}
catch (Exception ex)
{
Console.WriteLine("Failed with error message: {0}", ex.Message);
}Query the logging configurations of a bucket
The following sample code provides an example on how to query the logging configurations of a bucket:
using Aliyun.OSS;
using Aliyun.OSS.Common;
// Set the Endpoint. This example uses https://oss-cn-hangzhou.aliyuncs.com, the public Endpoint for the China (Hangzhou) region. For other regions, set the Endpoint to the actual value.
var endpoint = "https://oss-cn-hangzhou.aliyuncs.com";
// Obtain access credentials from environment variables. Before you run this sample code, make sure that the OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET environment variables are configured.
var accessKeyId = Environment.GetEnvironmentVariable("OSS_ACCESS_KEY_ID");
var accessKeySecret = Environment.GetEnvironmentVariable("OSS_ACCESS_KEY_SECRET");
// Set the bucket name, for example, examplebucket.
var bucketName = "examplebucket";
// Set the region where the bucket is located. This example uses cn-hangzhou, which is the ID of the China (Hangzhou) region.
const string region = "cn-hangzhou";
// Create a ClientConfiguration instance and modify the default parameters as needed.
var conf = new ClientConfiguration();
// Use Signature Version 4.
conf.SignatureVersion = SignatureVersion.V4;
// Create an OssClient instance.
var client = new OssClient(endpoint, accessKeyId, accessKeySecret, conf);
client.SetRegion(region);
try
{
// View the log storage configuration.
var result = client.GetBucketLogging(bucketName);
Console.WriteLine("Get bucket:{0} Logging succeeded, prefix:{1}", bucketName, result.TargetPrefix);
}
catch (OssException ex)
{
Console.WriteLine("Failed with error code: {0}. Error message: {1}. \nRequestID:{2}\tHostID:{3}",
ex.ErrorCode, ex.Message, ex.RequestId, ex.HostId);
}
catch (Exception ex)
{
Console.WriteLine("Failed with error message: {0}", ex.Message);
}Disable logging for a bucket
The following sample code provides an example on how to disable logging for a bucket:
using Aliyun.OSS;
using Aliyun.OSS.Common;
// Set the Endpoint. This example uses https://oss-cn-hangzhou.aliyuncs.com, the public Endpoint for the China (Hangzhou) region. For other regions, set the Endpoint to the actual value.
var endpoint = "https://oss-cn-hangzhou.aliyuncs.com";
// Obtain access credentials from environment variables. Before you run this sample code, make sure that the OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET environment variables are configured.
var accessKeyId = Environment.GetEnvironmentVariable("OSS_ACCESS_KEY_ID");
var accessKeySecret = Environment.GetEnvironmentVariable("OSS_ACCESS_KEY_SECRET");
// Set the bucket name, for example, examplebucket.
var bucketName = "examplebucket";
// Set the region where the bucket is located. This example uses cn-hangzhou, which is the ID of the China (Hangzhou) region.
const string region = "cn-hangzhou";
// Create a ClientConfiguration instance and modify the default parameters as needed.
var conf = new ClientConfiguration();
// Use Signature Version 4.
conf.SignatureVersion = SignatureVersion.V4;
// Create an OssClient instance.
var client = new OssClient(endpoint, accessKeyId, accessKeySecret, conf);
client.SetRegion(region);
try
{
// Disable the log storage feature.
client.DeleteBucketLogging(bucketName);
Console.WriteLine("Delete bucket:{0} Logging succeeded ", bucketName);
}
catch (OssException ex)
{
Console.WriteLine("Failed with error code: {0}. Error message: {1}. \nRequestID:{2}\tHostID:{3}",
ex.ErrorCode, ex.Message, ex.RequestId, ex.HostId);
}
catch (Exception ex)
{
Console.WriteLine("Failed with error message: {0}", ex.Message);
}References
For the complete sample code for log storage, see the GitHub example.
For more information about the API operation that you can call to enable logging for a bucket, see PutBucketLogging.
For more information about the API operation that you can call to query the logging configurations of a bucket, see GetBucketLogging.
For more information about the API operation that you can call to disable logging for a bucket, see DeleteBucketLogging.