tencent cloud

All product documents
Event Bridge
DocumentationEvent BridgeEventTencent Cloud Service EventCloud Audit Event
Cloud Audit Event
Download PDF
Last updated: 2024-07-23 15:08:07
Cloud Audit Event
Last updated: 2024-07-23 15:08:07
Download PDF

Overview

Tencent Cloud CloudAudit can be used to retrieve the historical records of API calls under your Tencent Cloud account, including API calls via the Tencent Cloud console, Tencent Cloud SDKs, command line tools, and other Tencent Cloud services. This means that any deployment behavior on Tencent Cloud is monitored, and you can find out the source IP address and time when a sub-user or collaborator calls a Tencent Cloud API.
Currently, Tencent Cloud CloudAudit has been fully integrated into EventBridge. You can use the default Tencent Cloud service event bus to receive write operations on the cloud for management and Ops. For the services and APIs that support CloudAudit, see CloudAudit-Enabled Services and APIs.

Event Format

{
    "specversion":"1.0",
    "id":"13a3f42d-7258-4ada-da6d-023a33******",
    "source":"${ProductName}.cloud.tencent",
    "type":"cvm:CloudEvent:ApiCall",
    "subject":"${resource ID}",
    "time": 1615430559146,
    "region":"ap-guangzhou",
    "resource":[
        "qcs::eb:ap-guangzhou:uid1250000000:eventbusid/eventruleid"
    ],
    "datacontenttype":"application/json;charset=utf-8",
    "tags":{
        "key1":"value1",
        "key2":"value2"
     },
    "data":{
        ${Raw API operation log}
    }
}
The event parameters are as detailed below:
Field
Description
Data Type
specversion
Event structure version (CloudEvents version. Currently, only CloudEvents - Version 1.0 is supported.)
String
id
ID returned by PUT Event.
String
type
Type of the event input through PUT Event. CloudAudit events are classified into three types based on the event source: ${Product name abbreviation}:CloudEvent:ApiCall, ${Product name abbreviation}:CloudEvent:ConsoleCall, ${Product name abbreviation}:CloudEvent:MiniProgramCall.
String
source
Event source (which is required for a Tencent Cloud service event and is the abbreviation of subject). The value is xxx.cloud.tencent by default for a Tencent Cloud service.
String
subject
Event source details, which can be customized. QCS description such as qcs::dts:ap-guangzhou:appid/uin:xxx is used for a Tencent Cloud service by default.
String
time
Event time, which is a GMT+0 timestamp in milliseconds such as 1615430559146.
Timestamp
datacontenttype
Data structure declaration.
String
region
Region information.
String
data
Details of the event input through PUT Event. For a CloudAudit event, pass in the complete CloudAudit log here.
Json

Call Method

Before receiving CloudAudit events, make sure that you have activated the CloudAudit service and created related service roles.
1. Log in to the EventBridge console and open the Tencent Cloud service event bus under the Guangzhou region.


2. On the event bus details page, select to enable CloudAudit.
3. On the Event Rule page, select an event bus, create an event rule, filter event types, and bind delivery targets. For detailed directions, see Creating Event Rule.
Was this page helpful?
You can also Contact Sales or Submit a Ticket for help.
Yes
No

Feedback

Contact Us

Contact our sales team or business advisors to help your business.

Contact Us
Technical Support

Open a ticket if you're looking for further assistance. Our Ticket is 7x24 available.

Submit a Ticket
7x24 Phone Support
Hong Kong, China
+852 800 906 020 (Toll Free)
United States
+1 844 606 0804 (Toll Free)
United Kingdom
+44 808 196 4551 (Toll Free)
Canada
+1 888 605 7930 (Toll Free)
Australia
+61 1300 986 386 (Toll Free)
EdgeOne hotline
+852 300 80699
More local hotlines coming soon