This document describes how to view the event details in operation records and the field descriptions involved in event details in the CloudAudit console.
Directions
Viewing operation record
1. Log in to the CloudAudit console and select Operation Record on the left sidebar.
2. On the operation record list page, you can view the operation records of an event in the operation record list.
The operator indicates the event operator. It is divided into three types based on the following operation types:
Operation by a root account: The name “root” is displayed as the operator.
Operation by a sub-user: The sub-user name is displayed as the operator. If the sub-user has been deleted, the sub-user ID will be displayed instead.
Operation by a role: The role name is displayed as the operator. If the role has been deleted, the role ID will be displayed as the operator.
You can click an operator to go to the User List page in the CAM console to view the detailed user information.
3. CloudAudit supports many filters, including time, event, username, operation read/write type, sensitive operation, resource tag, resource name, key ID, request ID, and API error code. You can click Unfold and configure filters as needed.
Filter descriptions:
Time Range: You can filter logs within a 30-day range in the past 90 days.
Operation Type: You can filter by All, Read-only, or Write-only.
Resource Event Name: You can filter desired logs by API name in the API documentation of each product, such as CVM - RunInstances (for instance creation). Up to ten events can be queried at a time.
Note
If you can't find a product event name that you want to query in the list, submit a ticket for assistance.
Username: You can filter logs by root account, sub-account ID, or role ID.
Operation Query: You can filter all sensitive and non-sensitive operations. Sensitive operations are defined by the platform as events that may involve key operations on cloud resources. If you need to include certain operations as sensitive operations, submit a ticket for assistance.
Resource Tag: You can filter logs by resource tag. For more information on tags, see Tag Overview.
Resource Name: You search by resource ID, such as ins-fi8oxxxx.
Key ID: You can search by key ID, such as AKIDZ0GSXSG2nT5c6Xxxxxxxxxxxxxxxxx.
Request ID: You can search by request ID, such as a7da0568-7580-4798-88c8-xxxxxxxxxx.
API Error Code: You can enter an API error code as listed in the corresponding API documentation for search.
4. Click Query to get the filtered operation records.
Viewing event details
1. If you need to view the details of an event, you can click the information in the list. You can also click the + icon before the information and click View Event in the expanded module.
Note
You can check whether the event was successfully executed through the “CAM Error Code” field. If this field is empty, the event was successfully executed; otherwise, it means the execution failed. For failure details, check the errorCode and errorMessage fields in the event details.
2. Then you can view the event details in the module on the right. For more information on field descriptions, see Appendix.
Appendix
The table below displays the field descriptions of the event details in an operation record.
Yes
No
Was this page helpful?