All Products
Search
Document Center

Tair (Redis® OSS-Compatible):Real-time log tracing

Last Updated:Dec 05, 2025

Real-time log tracing is a lightweight request tracing feature that supports multi-dimensional filtering and automatic termination. You can use this feature to quickly locate abnormal access behavior.

Function overview

You can use this feature for real-time diagnosis. When you enable this feature, you can configure request rules and filter conditions. The system then matches specific requests and prints detailed access logs. This feature has the following characteristics:

  • Real-time: Prints logs in real time. The feature takes effect immediately after you enable it.

  • Multi-dimensional filtering rules: Supports flexible combinations of conditions, such as command type, client IP address, request data size, or specified keys.

  • Runtime control: You can set a maximum duration in seconds or a maximum number of log entries to automatically stop the task.

  • Low performance overhead: Records only the request logs that match the rules. The performance overhead is significantly lower than that of audit logs.

Scenarios

  • Locate the access sources of hot keys and large keys to optimize your cache policies.

  • Trace abnormal commands to quickly locate behaviors such as malicious scans or resource abuse.

Note

This feature is for temporary, real-time diagnosis only. For long-term auditing, use the Audit Log feature.

Version limits

Your instance must be a memory-optimized Tair (Enterprise Edition) instance that runs minor version 25.10.1.0 or later.

Procedure

  1. Log on to the console and go to the Instances page. In the top navigation bar, select the region in which the instance is deployed. Then, find the instance and click its ID.

  2. In the navigation pane on the left, click CloudDBA > Instance Session.

  3. Click the Instance Tracing tab, and then click Create Tracing Rule.

    Note

    You can create up to five tracing rules simultaneously.

  4. In the panel that appears, configure the tracing and filtering rules.

    This example shows how to find which clients access the large key "bighash". Configure the following parameters and leave the others at their default settings.

    • Rule Name: bighash Key.

    • Command Settings - Input: Enter +@hash.

      Note

      The more specific the rule, the better the performance. For example, +hset performs better than +@hash.

    • Key Match: Select Key Pattern and enter bighash.

    (Optional) Expand for parameter details.

    Rule Name is the only required parameter. All other parameters are combined using a logical AND (&&) operator. You can leave them at their default settings.

    Category

    Configuration item

    Description

    Name

    Rule Name (Required)

    The name of the tracing rule.

    Match Conditions

    Command Settings - Select

    Add or exclude command groups or specific commands to be traced. You can create custom combinations.

    Command Settings - Input

    You can also enter tracing command rules in this text box. The syntax is similar to the Redis Access Control List (ACL) style. For example, +@write +@hash +@string -hsetnx means to trace write commands for Hash and String, but exclude the HSETNX command.

    Key Match

    Select All Keys or specify a Key Pattern. Wildcard characters are supported.

    Channel Match

    Used only to trace channels for Pub/Sub commands. Select All Channels or specify a Channel Pattern. Wildcard characters are supported.

    Client IP Match

    Select All IPs or specify an IP Pattern. The IP Pattern supports the CIDR format. For example, 192.168.1.0/24 represents the IP address range from 192.168.1.0 to 192.168.1.255.

    Response Size Limit

    Unit: bytes. The default is 0, which means no limit.

    Request Size Limit

    Unit: bytes. The default is 0, which means no limit.

    End Conditions

    End by Log Count

    The tracing task ends when any of the conditions are met.

    Monitoring Duration

  5. Click Create And Run.

    The tracing task starts.

  6. Refresh the Real-time Tracing Log list. The list displays the request logs that match the rule, as shown in the following figure.image

    The tracing task stops automatically when any of the end conditions are met. You do not need to stop it manually. You can modify, delete, or run the tracing rule again.

    Warning
    • When you run a tracing rule again, the original logs are overwritten. To keep the original logs, make sure to export and save them first.

    • If you delete a rule, the logs associated with that rule are also deleted.

Troubleshooting suggestions

You can use the client IP address and command behavior to troubleshoot your service logic or configure access control settings.