Queries logs of IPsec-VPN connections.
Debugging
Request parameters
Parameter | Type | Required | Example | Description |
Action | String | Yes | DescribeVpnConnectionLogs | The operation that you want to perform. Set the value to DescribeVpnConnectionLogs. |
RegionId | String | Yes | eu-central-1 | The region ID of the IPsec-VPN connection. You can call the DescribeRegions operation to query the most recent list of regions. |
VpnConnectionId | String | Yes | vco-m5evqnds4y459flt3**** | The ID of the IPsec-VPN connection. |
From | Integer | No | 1671003744 | The beginning of the time range to query. The value must be a UNIX timestamp. For example, 1671003744 specifies 15:42:24 (UTC+8) on December 14, 2022. Note If you specify From, you must also specify To or MinutePeriod. |
To | Integer | No | 1671004344 | The end of the time range to query. The value must be a UNIX timestamp. For example, 1671004344 specifies 15:52:24 (UTC+8) on December 14, 2022. Note If you specify To, you must also specify From or MinutePeriod. |
MinutePeriod | Integer | No | 10 | The interval at which log data is queried. Valid values: 1 to 10. Unit: minutes. Note If both From and To are not specified, you must specify MinutePeriod. |
PageNumber | Integer | No | 1 | The number of the page to return. Default value: 1. |
PageSize | Integer | No | 10 | The number of entries per page. Valid values: 1 to 50. Default value: 10. |
TunnelId | String | No | tun-opsqc4d97wni27**** | The tunnel ID of the IPsec-VPN connection. You can specify this parameter only for IPsec-VPN connections in dual-tunnel mode. |
Response parameters
Parameter | Type | Example | Description |
PageSize | Integer | 10 | The number of entries per page. |
PageNumber | Integer | 1 | The number of the returned page. |
RequestId | String | CF161502-4959-5C3B-B499-09B87BA931D9 | The request ID. |
Count | Integer | 10 | The number of entries on the current page. |
IsCompleted | Boolean | true | Indicates whether the log is accurate. Valid values:
|
Data | Array of String | "Logs": [ "2022-12-14 15:52:28 vco-m5evqnds4y459flt3**** [DEBUG]: isakmp_inf.c:1514:isakmp****", "2022-12-14 15:52:28 vco-m5evqnds4y459flt3**** [DEBUG]: oakley.c:2832:oak****", "2022-12-14 15:52:28 vco-m5evqnds4y459flt3**** [DEBUG]: oakley.c:2833:oak****" ] | An array of strings. Each item in the array is a log entry. |
Examples
Sample requests
http(s)://[Endpoint]/?Action=DescribeVpnConnectionLogs
&RegionId=eu-central-1
&VpnConnectionId=vco-m5evqnds4y459flt3****
&From=1671003744
&To=1671004344
&MinutePeriod=10
&PageNumber=1
&PageSize=10
&TunnelId=tun-opsqc4d97wni27****
&Common request parameters
Sample success responses
XML
format
HTTP/1.1 200 OK
Content-Type:application/xml
<DescribeVpnConnectionLogsResponse>
<PageSize>10</PageSize>
<RequestId>CF161502-4959-5C3B-B499-09B87BA931D9</RequestId>
<PageNumber>1</PageNumber>
<IsCompleted>true</IsCompleted>
<Data>
<Logs>2022-12-14 15:52:28 vco-m5evqnds4y459flt3**** [DEBUG]: isakmp_inf.c:1514:isakmp_info_send_r_u(): DPD monitoring....</Logs>
<Logs>2022-12-14 15:52:28 vco-m5evqnds4y459flt3**** [DEBUG]: oakley.c:2832:oakley_newiv2(): compute IV for phase2</Logs>
<Logs>2022-12-14 15:52:28 vco-m5evqnds4y459flt3**** [DEBUG]: oakley.c:2833:oakley_newiv2(): phase1 last IV:</Logs>
<Logs>2022-12-14 15:52:28 vco-m5evqnds4y459flt3**** [DEBUG]: algorithm.c:381:alg_oakley_hashdef(): hash(sha1)</Logs>
<Logs>2022-12-14 15:52:28 vco-m5evqnds4y459flt3**** [DEBUG]: algorithm.c:524:alg_oakley_encdef(): encryption(aes)</Logs>
<Logs>2022-12-14 15:52:28 vco-m5evqnds4y459flt3**** [DEBUG]: oakley.c:2867:oakley_newiv2(): phase2 IV computed:</Logs>
<Logs>2022-12-14 15:52:28 vco-m5evqnds4y459flt3**** [DEBUG]: oakley.c:657:oakley_compute_hash1(): HASH with:</Logs>
<Logs>2022-12-14 15:52:28 vco-m5evqnds4y459flt3**** [DEBUG]: algorithm.c:464:alg_oakley_hmacdef(): hmac(hmac_sha1)</Logs>
<Logs>2022-12-14 15:52:28 vco-m5evqnds4y459flt3**** [DEBUG]: oakley.c:667:oakley_compute_hash1(): HASH computed:</Logs>
<Logs>2022-12-14 15:52:28 vco-m5evqnds4y459flt3**** [DEBUG]: oakley.c:3035:oakley_do_encrypt(): begin encryption.</Logs>
</Data>
<Count>10</Count>
</DescribeVpnConnectionLogsResponse>
JSON
format
HTTP/1.1 200 OK
Content-Type:application/json
{
"PageSize" : 10,
"RequestId" : "CF161502-4959-5C3B-B499-09B87BA931D9",
"PageNumber" : 1,
"IsCompleted" : true,
"Data" : {
"Logs" : [ "2022-12-14 15:52:28 vco-m5evqnds4y459flt3**** [DEBUG]: isakmp_inf.c:1514:isakmp_info_send_r_u(): DPD monitoring....", "2022-12-14 15:52:28 vco-m5evqnds4y459flt3**** [DEBUG]: oakley.c:2832:oakley_newiv2(): compute IV for phase2", "2022-12-14 15:52:28 vco-m5evqnds4y459flt3**** [DEBUG]: oakley.c:2833:oakley_newiv2(): phase1 last IV:", "2022-12-14 15:52:28 vco-m5evqnds4y459flt3**** [DEBUG]: algorithm.c:381:alg_oakley_hashdef(): hash(sha1)", "2022-12-14 15:52:28 vco-m5evqnds4y459flt3**** [DEBUG]: algorithm.c:524:alg_oakley_encdef(): encryption(aes)", "2022-12-14 15:52:28 vco-m5evqnds4y459flt3**** [DEBUG]: oakley.c:2867:oakley_newiv2(): phase2 IV computed:", "2022-12-14 15:52:28 vco-m5evqnds4y459flt3**** [DEBUG]: oakley.c:657:oakley_compute_hash1(): HASH with:", "2022-12-14 15:52:28 vco-m5evqnds4y459flt3**** [DEBUG]: algorithm.c:464:alg_oakley_hmacdef(): hmac(hmac_sha1)", "2022-12-14 15:52:28 vco-m5evqnds4y459flt3**** [DEBUG]: oakley.c:667:oakley_compute_hash1(): HASH computed:", "2022-12-14 15:52:28 vco-m5evqnds4y459flt3**** [DEBUG]: oakley.c:3035:oakley_do_encrypt(): begin encryption." ]
},
"Count" : 10
}
Error codes
HttpCode | Error code | Error message | Description |
403 | Forbbiden.SubUser | User not authorized to operate on the specified resource as your account is created by another user. | The error message returned because you are unauthorized to perform this operation on the specified resource. Acquire the required permissions and try again. |
403 | Forbidden | User not authorized to operate on the specified resource. | The error message returned because you are unauthorized to perform this operation on the specified resource. Acquire the required permissions and try again. |
404 | InvalidVpnConnectionInstanceId.NotFound | The specified vpn connection instance id does not exist. | The error message returned because the specified IPsec-VPN connection does not exist. Check whether the ID of the IPsec-VPN connection is valid. |
For a list of error codes, see Service error codes.