Help Center> Cloud Trace Service> Service Overview> What Is Cloud Trace Service?
Updated on 2022-09-27 GMT+08:00

What Is Cloud Trace Service?

The log audit module is a core component necessary for information security audit and an important part for the information systems of enterprises and public institutions to provide security risk management and control. As information systems are migrated to the cloud, information and data security management departments around the world, including the Standardization Administration of the People's Republic of China/Technical Committee (SAC/TC), have released multiple standards, such as ISO IEC27000, GB/T 20945-2013, COSO, COBIT, ITIL, and NISTSP800.

Cloud Trace Service (CTS) is a log audit service for security. It allows you to collect, store, and query resource operation records. You can use these records to perform security analysis, track resource changes, audit compliance, and locate faults.

Figure 1 CTS service diagram
CTS provides the following functions:
  • Trace recording: CTS records operations performed on the management console or by calling APIs, as well as operations triggered by each interconnected service.
  • Trace query: Operation records of the last seven days can be queried on the management console from multiple dimensions, such as the trace type, trace source, resource type, filter, operator and trace status.
  • Trace transfer: Traces are transferred to Object Storage Service (OBS) buckets on a regular basis for long-term storage. In this process, traces are compressed into trace files by service.
  • Trace file encryption: Trace files are encrypted using keys provided by Data Encryption Workshop (DEW) during transfer.