文档首页/ 云审计服务 CTS/ API参考/ API V3(推荐使用)/ 追踪器管理/ 修改追踪器
更新时间:2024-11-08 GMT+08:00
在线调试
CLI示例
查看PDF
分享

修改追踪器

功能介绍

云审计服务支持修改已创建追踪器的配置项,包括OBS桶转储、关键事件通知、事件转储加密、通过LTS对管理类事件进行检索、事件文件完整性校验以及追踪器启停状态等相关参数,修改追踪器对已有的操作记录没有影响。修改追踪器完成后,系统立即以新的规则开始记录操作。

调用方法

请参见如何调用API

URI

PUT /v3/{project_id}/tracker

表1 路径参数

参数

是否必选

参数类型

描述

project_id

String

项目ID,参见获取账号ID和项目ID章节。

请求参数

表2 请求Body参数

参数

是否必选

参数类型

描述

tracker_type

String

标识追踪器类型。 目前支持系统追踪器类型有管理类追踪器(system)和数据类追踪器(data)。 数据类追踪器和管理类追踪器共同参数有:is_lts_enabled, obs_info, is_support_validate; 管理类追踪器参数:is_support_trace_files_encryption, kms_id; 数据类追踪器参数:tracker_name, data_bucket。

枚举值:

  • system
  • data

tracker_name

String

标识追踪器名称。 当"tracker_type"参数值为"system"时该参数为默认值"system"。 当"tracker_type"参数值为"data"时该参数需要指定追踪器名称"。

status

String

标识追踪器状态,该接口中可修改的状态包括正常(enabled)和停止(disabled)。如果选择修改状态为停止,则修改成功后追踪器停止记录事件。

枚举值:

  • enabled
  • disabled

is_lts_enabled

Boolean

是否打开事件分析。

is_organization_tracker

Boolean

是否应用到我的组织。 只针对管理类追踪器。设置为true时,ORG组织下所有成员当前区域的审计日志会转储到该追踪器配置的OBS桶或者LTS日志流,但是事件列表界面不支持查看其它组织成员的审计日志。

management_event_selector

ManagementEventSelector object

管理类事件选择器。

obs_info

TrackerObsInfo object

转储桶配置

is_support_trace_files_encryption

Boolean

事件文件转储加密功能开关。 当"tracker_type"参数值为"system"时该参数值有效。 该参数必须与kms_id参数同时使用。

kms_id

String

事件文件转储加密所采用的密钥id(从KMS获取)。 当"tracker_type"参数值为"system"时该参数值有效。 当"is_support_trace_files_encryption"参数值为“是”时,此参数为必选项。

is_support_validate

Boolean

事件文件转储时是否打开事件文件校验。

data_bucket

DataBucket object

追踪桶配置信息。 当"tracker_type"参数值为"data"时该参数值有效。

agency_name

String

云服务委托名称。 参数值为"cts_admin_trust"时,修改追踪器会自动创建云服务委托:cts_admin_trust。

枚举值:

  • cts_admin_trust
表3 ManagementEventSelector

参数

是否必选

参数类型

描述

exclude_service

Array of strings

标识不转储的云服务名称。 目前只支持设置为KMS,表示屏蔽KMS服务的createDatakey事件。
表4 TrackerObsInfo

参数

是否必选

参数类型

描述

bucket_name

String

标识OBS桶名称。由数字或字母开头,支持小写字母、数字、“-”、“.”,长度为3~63个字符。

file_prefix_name

String

标识需要存储于OBS的日志文件前缀,0-9,a-z,A-Z,'-','.','_'长度为0~64字符。

is_obs_created

Boolean

是否支持新建OBS桶。 值为“true”时,表示新创建OBS桶存储事件文件; 值为“false”时,选择已存在的OBS桶存储事件文件。

bucket_lifecycle

Integer

标识配置桶内对象存储周期。 当"tracker_type"参数值为"data"时该参数值有效。

枚举值:

  • 30
  • 60
  • 90
  • 180
  • 1095

compress_type

String

压缩类型。包括不压缩(json),压缩(gzip)两种状态。默认为gzip格式。

枚举值:

  • gzip
  • json

is_sort_by_service

Boolean

路径按云服务划分,打开后转储文件路径中将增加云服务名。默认为true。
表5 DataBucket

参数

是否必选

参数类型

描述

data_bucket_name

String

数据类追踪器追踪对象的桶名。

  • 当启用或者停用数据类追踪器时,该参数为必选。
  • 管理类追踪器无此参数。
  • 追踪器一旦创建追踪桶无法修改。

data_event

Array of strings

数据类追踪器追踪的操作类型。

  • 当启用或者停用数据类追踪器时,该参数为必选。
  • 管理类追踪器无此参数。
  • READ OBS对象读取操作;WRITE OBS对象写操作。

枚举值:

  • WRITE
  • READ

响应参数

状态码: 400

表6 响应Body参数

参数

参数类型

描述

error_code

String

错误码标识,CTS.XXX。

error_msg

String

错误描述。

状态码: 401

表7 响应Body参数

参数

参数类型

描述

error_code

String

错误码标识,CTS.XXX。

error_msg

String

错误描述。

状态码: 403

表8 响应Body参数

参数

参数类型

描述

error_code

String

错误码标识,CTS.XXX。

error_msg

String

错误描述。

状态码: 404

表9 响应Body参数

参数

参数类型

描述

error_code

String

错误码标识,CTS.XXX。

error_msg

String

错误描述。

状态码: 500

表10 响应Body参数

参数

参数类型

描述

error_code

String

错误码标识,CTS.XXX。

error_msg

String

错误描述。

状态码: 503

表11 响应Body参数

参数

参数类型

描述

error_code

String

错误码标识,CTS.XXX。

error_msg

String

错误描述。

请求示例

  • 管理类追踪器修改样例。 
    PUT https://{endpoint}/v3/{project_id}/tracker

{
  "tracker_type" : "system",
  "tracker_name" : "system",
  "agency_name" : "cts_admin_trust",
  "obs_info" : {
    "is_obs_created" : false,
    "bucket_name" : "test-data-tracker",
    "file_prefix_name" : "11"
  },
  "is_lts_enabled" : false,
  "is_support_trace_files_encryption" : false,
  "kms_id" : "",
  "is_support_validate" : false,
  "status" : "enabled"
}
  • 数据类追踪器修改样例。 
    {
  "tracker_type" : "data",
  "tracker_name" : "data-tracker-name",
  "agency_name" : "cts_admin_trust",
  "obs_info" : {
    "is_obs_created" : false,
    "bucket_name" : "",
    "file_prefix_name" : "",
    "bucket_lifecycle" : 60
  },
  "is_lts_enabled" : true,
  "data_bucket" : {
    "data_event" : [ "READ", "WRITE" ]
  }
}

响应示例

SDK代码示例

SDK代码示例如下。

  • 管理类追踪器修改样例。 
     1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
    		 
    package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.cts.v3.region.CtsRegion;
import com.huaweicloud.sdk.cts.v3.*;
import com.huaweicloud.sdk.cts.v3.model.*;


public class UpdateTrackerSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");

        ICredential auth = new BasicCredentials()
                .withAk(ak)
                .withSk(sk);

        CtsClient client = CtsClient.newBuilder()
                .withCredential(auth)
                .withRegion(CtsRegion.valueOf("<YOUR REGION>"))
                .build();
        UpdateTrackerRequest request = new UpdateTrackerRequest();
        UpdateTrackerRequestBody body = new UpdateTrackerRequestBody();
        TrackerObsInfo obsInfobody = new TrackerObsInfo();
        obsInfobody.withBucketName("test-data-tracker")
            .withFilePrefixName("11")
            .withIsObsCreated(false);
        body.withIsSupportValidate(false);
        body.withKmsId("");
        body.withIsSupportTraceFilesEncryption(false);
        body.withObsInfo(obsInfobody);
        body.withIsLtsEnabled(false);
        body.withStatus(UpdateTrackerRequestBody.StatusEnum.fromValue("enabled"));
        body.withAgencyName(UpdateTrackerRequestBody.AgencyNameEnum.fromValue("cts_admin_trust"));
        body.withTrackerName("system");
        body.withTrackerType(UpdateTrackerRequestBody.TrackerTypeEnum.fromValue("system"));
        request.withBody(body);
        try {
            UpdateTrackerResponse response = client.updateTracker(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}
  • 数据类追踪器修改样例。 
     1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
    		 
    package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.cts.v3.region.CtsRegion;
import com.huaweicloud.sdk.cts.v3.*;
import com.huaweicloud.sdk.cts.v3.model.*;

import java.util.List;
import java.util.ArrayList;

public class UpdateTrackerSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");

        ICredential auth = new BasicCredentials()
                .withAk(ak)
                .withSk(sk);

        CtsClient client = CtsClient.newBuilder()
                .withCredential(auth)
                .withRegion(CtsRegion.valueOf("<YOUR REGION>"))
                .build();
        UpdateTrackerRequest request = new UpdateTrackerRequest();
        UpdateTrackerRequestBody body = new UpdateTrackerRequestBody();
        List<DataBucket.DataEventEnum> listDataBucketDataEvent = new ArrayList<>();
        listDataBucketDataEvent.add(DataBucket.DataEventEnum.fromValue("READ"));
        listDataBucketDataEvent.add(DataBucket.DataEventEnum.fromValue("WRITE"));
        DataBucket dataBucketbody = new DataBucket();
        dataBucketbody.withDataEvent(listDataBucketDataEvent);
        TrackerObsInfo obsInfobody = new TrackerObsInfo();
        obsInfobody.withBucketName("")
            .withFilePrefixName("")
            .withIsObsCreated(false)
            .withBucketLifecycle(60);
        body.withDataBucket(dataBucketbody);
        body.withObsInfo(obsInfobody);
        body.withIsLtsEnabled(true);
        body.withAgencyName(UpdateTrackerRequestBody.AgencyNameEnum.fromValue("cts_admin_trust"));
        body.withTrackerName("data-tracker-name");
        body.withTrackerType(UpdateTrackerRequestBody.TrackerTypeEnum.fromValue("data"));
        request.withBody(body);
        try {
            UpdateTrackerResponse response = client.updateTracker(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}
  • 管理类追踪器修改样例。 
     1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
    		 
    # coding: utf-8

import os
from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdkcts.v3.region.cts_region import CtsRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdkcts.v3 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = os.environ["CLOUD_SDK_AK"]
    sk = os.environ["CLOUD_SDK_SK"]

    credentials = BasicCredentials(ak, sk)

    client = CtsClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(CtsRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = UpdateTrackerRequest()
        obsInfobody = TrackerObsInfo(
            bucket_name="test-data-tracker",
            file_prefix_name="11",
            is_obs_created=False
        )
        request.body = UpdateTrackerRequestBody(
            is_support_validate=False,
            kms_id="",
            is_support_trace_files_encryption=False,
            obs_info=obsInfobody,
            is_lts_enabled=False,
            status="enabled",
            agency_name="cts_admin_trust",
            tracker_name="system",
            tracker_type="system"
        )
        response = client.update_tracker(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)
  • 数据类追踪器修改样例。 
     1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
    		 
    # coding: utf-8

import os
from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdkcts.v3.region.cts_region import CtsRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdkcts.v3 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = os.environ["CLOUD_SDK_AK"]
    sk = os.environ["CLOUD_SDK_SK"]

    credentials = BasicCredentials(ak, sk)

    client = CtsClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(CtsRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = UpdateTrackerRequest()
        listDataEventDataBucket = [
            "READ",
            "WRITE"
        ]
        dataBucketbody = DataBucket(
            data_event=listDataEventDataBucket
        )
        obsInfobody = TrackerObsInfo(
            bucket_name="",
            file_prefix_name="",
            is_obs_created=False,
            bucket_lifecycle=60
        )
        request.body = UpdateTrackerRequestBody(
            data_bucket=dataBucketbody,
            obs_info=obsInfobody,
            is_lts_enabled=True,
            agency_name="cts_admin_trust",
            tracker_name="data-tracker-name",
            tracker_type="data"
        )
        response = client.update_tracker(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)
  • 管理类追踪器修改样例。 
     1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
    		 
    package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    cts "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cts/v3"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cts/v3/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cts/v3/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        Build()

    client := cts.NewCtsClient(
        cts.CtsClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.UpdateTrackerRequest{}
	bucketNameObsInfo:= "test-data-tracker"
	filePrefixNameObsInfo:= "11"
	isObsCreatedObsInfo:= false
	obsInfobody := &model.TrackerObsInfo{
		BucketName: &bucketNameObsInfo,
		FilePrefixName: &filePrefixNameObsInfo,
		IsObsCreated: &isObsCreatedObsInfo,
	}
	isSupportValidateUpdateTrackerRequestBody:= false
	kmsIdUpdateTrackerRequestBody:= ""
	isSupportTraceFilesEncryptionUpdateTrackerRequestBody:= false
	isLtsEnabledUpdateTrackerRequestBody:= false
	statusUpdateTrackerRequestBody:= model.GetUpdateTrackerRequestBodyStatusEnum().ENABLED
	agencyNameUpdateTrackerRequestBody:= model.GetUpdateTrackerRequestBodyAgencyNameEnum().CTS_ADMIN_TRUST
	request.Body = &model.UpdateTrackerRequestBody{
		IsSupportValidate: &isSupportValidateUpdateTrackerRequestBody,
		KmsId: &kmsIdUpdateTrackerRequestBody,
		IsSupportTraceFilesEncryption: &isSupportTraceFilesEncryptionUpdateTrackerRequestBody,
		ObsInfo: obsInfobody,
		IsLtsEnabled: &isLtsEnabledUpdateTrackerRequestBody,
		Status: &statusUpdateTrackerRequestBody,
		AgencyName: &agencyNameUpdateTrackerRequestBody,
		TrackerName: "system",
		TrackerType: model.GetUpdateTrackerRequestBodyTrackerTypeEnum().SYSTEM,
	}
	response, err := client.UpdateTracker(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}
  • 数据类追踪器修改样例。 
     1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
    		 
    package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    cts "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cts/v3"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cts/v3/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cts/v3/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        Build()

    client := cts.NewCtsClient(
        cts.CtsClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.UpdateTrackerRequest{}
	var listDataEventDataBucket = []model.DataBucketDataEvent{
        model.GetDataBucketDataEventEnum().READ,
	    model.GetDataBucketDataEventEnum().WRITE,
    }
	dataBucketbody := &model.DataBucket{
		DataEvent: &listDataEventDataBucket,
	}
	bucketNameObsInfo:= ""
	filePrefixNameObsInfo:= ""
	isObsCreatedObsInfo:= false
	bucketLifecycleObsInfo:= int32(60)
	obsInfobody := &model.TrackerObsInfo{
		BucketName: &bucketNameObsInfo,
		FilePrefixName: &filePrefixNameObsInfo,
		IsObsCreated: &isObsCreatedObsInfo,
		BucketLifecycle: &bucketLifecycleObsInfo,
	}
	isLtsEnabledUpdateTrackerRequestBody:= true
	agencyNameUpdateTrackerRequestBody:= model.GetUpdateTrackerRequestBodyAgencyNameEnum().CTS_ADMIN_TRUST
	request.Body = &model.UpdateTrackerRequestBody{
		DataBucket: dataBucketbody,
		ObsInfo: obsInfobody,
		IsLtsEnabled: &isLtsEnabledUpdateTrackerRequestBody,
		AgencyName: &agencyNameUpdateTrackerRequestBody,
		TrackerName: "data-tracker-name",
		TrackerType: model.GetUpdateTrackerRequestBodyTrackerTypeEnum().DATA,
	}
	response, err := client.UpdateTracker(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

更多编程语言的SDK代码示例,请参见API Explorer的代码示例页签,可生成自动对应的SDK代码示例。

状态码

状态码

描述

200

请求正常。

400

服务器未能处理请求。

401

请求鉴权校验失败,访问被拒绝。

403

请求权限校验失败,访问被禁止。

404

服务器无法找到被请求的资源。

500

服务内部异常,请求未完成。

503

被请求的服务无效。建议直接修改该请求,不要重试该请求。

错误码

请参见错误码

父主题: 追踪器管理

相关文档