Updated on 2024-11-06 GMT+08:00

Delivering Logs to LTS

Scenario

SecMaster can integrate logs of other cloud products, such as WAF, HSS, and CFW. For details about how to integrate, see Data Integration.

You can deliver integrated logs to Log Tank Service (LTS) for real-time decision-making and analysis, device O&M management, and service trend analysis.

This topic walks you through how to deliver integrated logs to LTS.

Prerequisites

Procedure

Creating a Data Delivery

  1. Log in to the management console.
  2. Click in the upper left corner of the management console and select a region or project.
  3. Click in the upper left corner of the page and choose Security & Compliance > SecMaster.
  4. In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.

    Figure 1 Workspace management page

  5. In the navigation pane on the left, choose Threat Operations > Security Analysis. The security analysis page is displayed.

    Figure 2 Accessing the Security Analysis tab page

  6. In the data space navigation tree on the left, click the data space name to expand all pipelines. Next to the name of the target pipeline, click More > Deliver.

    Figure 3 Accessing data delivery settings page

  7. (Optional) Authorization of the destination type is required for the first delivery. If the authorization has been performed, skip this step.

    Confirm the authorization information, select Agree to authorize and click OK.

  8. On the Create Delivery page, set data delivery parameters.

    • Delivery Name: Enter a data delivery name.
    • Account Type: Select Current. Only logs of the current account can be delivered to LTS.
    • Delivery Type: Select LTS.
    • Log Group: Select an LTS log group. If no log group is available, create one. For details, see Creating an LTS Log Group.
    • Log Stream: Select a destination LTS log stream. If no log stream is available, create one. For details, see Creating an LTS Log Stream.

    Other configuration parameters are generated by the system by default and do not need to be configured.

  9. Under Access Authorization, view the permissions granted in 7.

    A delivery requires the read and write permissions to access your cloud resources. A delivery task cannot access your cloud resources unless the access is authorized by you.

  10. Click OK.

Data Delivery Authorization

  1. On the Data Delivery page, click the Cross-Tenant Permissions tab. On the page displayed, click Accept in the Operation column of the target delivery task.

    To accept authorization in batches, select all tasks to be authorized and click Accept in the upper left corner of the list.

    Figure 4 Data delivery authorization

    After the authorization is granted, the authorization status of the target delivery task is updated to Authorized. You can go to the delivery destination to view the delivery details.

Checking the Data Delivery Status

  1. Click in the upper left corner of the page and choose Management & Governance > Log Tank Service.
  2. In the log group list on the Log Management page, locate the log group for which you want to add data delivery and click before the log group name.
  3. Click the name of the log stream selected during data delivery. The log stream details page is displayed.
  4. On the log stream details page, view the delivered log information.