Collecting Audit Logs

Constraints

• The cluster version must be v1.21.7-r0 or later, v1.23.5-r0 or later, or 1.25.
• There is required LTS resource quota.

Audit Logs

Enabling Control Plane Audit Logging

Enabling audit logging during cluster creation

1. Log in to the CCE console.
2. Click Buy Cluster. Then, configure the parameters and click Next: Select Add-on.
3. On the displayed page, select Cloud Native Log Collection and click Next: Configure Add-on.
4. On the displayed page, select Kubernetes Audit Logs for Cloud Native Log Collection.
   Figure 1 Enabling audit logging during cluster creation
   

5. Click Next: Confirm Settings.

Viewing Control Plane Audit Logs

Viewing control plane audit logs on the CCE console

1. Log in to the CCE console and click the cluster name to access the cluster console.
2. In the navigation pane, choose Logging.
3. Click the Control Plane Audit Logs tab to view audit logs in the cluster.
   Figure 3 Viewing control plane audit logs on the CCE console
   

Viewing control plane audit logs on the LTS console

1. Log in to the LTS console and choose Log Management.
2. Search for the log group by cluster ID and click the log group name to view the log streams.
   Figure 4 Viewing control plane audit logs on the LTS console
   

Disabling Control Plane Audit Logging

1. Log in to the CCE console and click the cluster name to access the cluster console.
2. In the navigation pane, choose Logging.
3. Click the Control Plane Audit Logs tab. In the upper right corner, click Configure Control Plane Audit Logs. Then, determine whether to enable control plane audit logging.
   Figure 5 Disabling audit logging
   
4. Deselect audit and click OK.
   

   After you disable audit logging, logs are no longer written to the original log stream, but the existing logs will not be deleted and expenditures may be incurred for this.