Creating a Tracker

Updated on 2025-02-27 GMT+08:00

View PDF

Scenarios

You can create data trackers to log operations on data. Data trackers record data traces, that is, logs of tenant operations (such as upload and download) on data in OBS buckets.

When you enable CTS, a management tracker is created automatically. Only one management tracker can be created. The trackers you created are all data trackers.

Constraints

CTS records operations performed in the last seven days. To store traces for a longer time, configure your tracker. The tracker will continuously store traces to your specified LTS log stream or OBS bucket.

Prerequisites

You have enabled CTS. For details, see Overview.

Creating a Data Tracker

Log in to the management console.
In the service list, choose Management & Governance > Cloud Trace Service. The CTS console is displayed.
Choose Tracker List in the navigation pane. In the upper right corner of the displayed page, click Create Tracker.
Set basic information. Enter a tracker name. Click Next.
A data tracker name contains only letters, digits, hyphens (-), and underscores (_), and must start with a letter or digit. It cannot be empty and contains up to 32 characters. Do not use system or system-trace as a data tracker name.

Select a trace. Set parameters and click Next.

**Table 1** Parameters for selecting a trace
Parameter	Description
Data Trace Source	Container for storing data traces. Currently, OBS buckets are used.
OBS Bucket	Select an OBS bucket from the drop-down list.
Operation	Select the operations to record. Options: Read and Write. Select at least one of them.

Configure a transfer. Set parameters and click Next. You can only query operation records of the last seven days on the CTS console. To store and query operation records beyond seven days, transfer them to OBS or LTS. For details, see Table 2 and Table 3.

**Table 2** Parameters for configuring the transfer to OBS
Parameter	Description
Transfer to OBS	If you select Yes, select an existing OBS bucket or create one on the Configure Tracker page and set File Prefix. When Transfer to OBS is disabled, no operation is required.
Create a cloud service agency.	(Mandatory) If you select this check box, CTS automatically creates a cloud service agency when you create a tracker. The agency authorizes you to use OBS.
OBS Bucket	New: An OBS bucket will be created automatically with the name you enter. NOTE: The OBS bucket created on this page is a single-AZ private bucket with Standard storage. If you need other configurations, create the bucket on OBS Console in advance and choose Existing to select it. Existing: Select an existing OBS bucket in the current region.
Select Bucket	When you select New, enter an OBS bucket name. The OBS bucket name cannot be empty. It can contain 3 to 63 characters, including only lowercase letters, digits, hyphens (-), and periods (.). It cannot contain two consecutive periods (for example, my..bucket). A period (.) and a hyphen (-) cannot be adjacent to each other (for example, my-.bucket and my.-bucket). Do not use an IP address as a bucket name. If you select Existing for OBS Bucket, select an existing OBS bucket.
Retention Period	The duration for storing traces in the OBS bucket. This configuration will apply to the selected bucket and all files in it. Different compliance standards require different trace retention periods. You are advised to set the retention period to at least 180 days. For a data tracker, you can set the duration to 30 days, 60 days, 90 days, 180 days, 3 years, or the same as that of OBS.
File Prefix	A file prefix is used to mark transferred trace files. The prefix you set will be automatically added to the beginning of the file names, facilitating file filtering. Enter 0 to 64 characters. Only letters, digits, underscores (_), hyphens (-), and periods (.) are allowed.
Compression	The usage of object storage space can be reduced. Do not compress: Transfer files in the .json format. gzip: Transfer files in .json.gz format.
Sort by Cloud Service	When this function is enabled, the cloud service name is added to the transfer file path, and multiple small files are generated in OBS. Example: */CloutTrace/cn-north-7/2022/11/8/doctest/Cloud service/_XXX.json.gz* When this function is disabled, the cloud service name will not be added to the transfer file path. Example: /CloutTrace/cn-north-7/2022/11/8/doctest/_XXX.json.gz
Transfer Path	Log transfer path is automatically set by the system.
Verify Trace File	When this function is enabled, integrity verification will be performed to check whether trace files in OBS buckets have been tampered with. For details about file integrity verification, see Verifying Trace File Integrity.

**Table 3** Parameters for configuring the transfer to LTS
Parameter	Description
Transfer to LTS	When Transfer to LTS is enabled, traces are transferred to the log stream.
Log Group	When Transfer to LTS is enabled, the default log group name CTS is set. When Transfer to LTS is disabled, no operation is required.