Enterprise administrators need to frequently review cloud operation logs for operation tracing, troubleshooting, and O&M monitoring of cloud resources.
Cloud operation logs must be retained for at least 180 days in compliance with legal and regulatory requirements.
Customer Challenges
Logs must be collected from each account for compliance auditing, which is complex.
Dispersed logs also make log collection, analysis, monitoring, and alerting extremely complex.
Solution Overview
With this solution, administrators can continuously collect audit logs from multiple accounts after completing configuration in just a few clicks. They can also create a multi-account log management system covering log generation, collection, retention, analysis, and alerting, by using Control Center together with other Tencent Cloud products such as Tencent Cloud Organization (TCO), CloudAudit, and Cloud Log Service (CLS).
When using CloudAudit to manage logs of multiple accounts, the administrators can apply a tracking set configuration to all member accounts.
Operation logs within each cloud account are retained for 180 days and can be shipped to Cloud Object Storage (COS) and CLS for long-term storage.
The logs shipped to CLS can be used for analysis and alerting.
Directions
Complete tracking and delivery of group organization in LandingZone
1. On the Landing zone page, click Add configuration.
2. In the Add configuration pop-up window, select Manage CloudAudit log shipping and click Confirm.
3. On the Configure CloudAudit log shipping page that appears, provide CloudAudit log information, including basic information, managed events, and shipping method.
Tracking set: Enter a name for the tracking set, which must be 3 to 128 characters long and contain uppercase letters, lowercase letters, numbers, and underscores (_).
Event type: The default value is Write only. You can change it to Read only or All.
Destination: Create a COS bucket for log shipping, specify the region where the bucket is located, and name the bucket.
4. Click Next: Preview to go to the preview page.
5. After confirming that the preview is correct, click Apply.
Viewing log destinations
1. In the Tencent Cloud console, go to the Control Center > Sign in - Tencent Cloud page where you can view the destinations of Config logs and CloudAudit logs in their respective lists.
Managing the CloudAudit log shipping tracking set
1. Click the shipping name in the CloudAudit log shipping list to open the CloudAudit > Tracking set page.
2. On the page that appears, you can view, edit, and delete the tracking set.
Managing CloudAudit log shipping COS buckets
A bucket is like a "container" for storing objects, and it has no upper limit for storage capacity. Objects are stored in buckets in a flat structure with no folders or directories. You can choose to store objects in one or multiple buckets.
1. Click the target Cloud Object Storage (COS) bucket in the CloudAudit log shipping list to open the COS > Bucket List page.
2. On the page that appears, you can manage buckets. For more information, see Bucket Overview.
Managing CLS topics
A topic is the basic unit for collecting, storing, retrieving, and analyzing logs. You can manage the relevant topics in the compliance audit module.
1. Click Query and analysis for the target Cloud Log Service (CLS) topic in the CloudAudit log shipping list to open the CLS > Log Topic page.
2. On the page that appears, you can view detailed information about the topic. For more information about the configuration, see Log Topic.
Yes
No
Was this page helpful?