Viewing Elasticsearch Cluster Audit Logs
With CTS, you can record operations associated with CSS for later query, audit, and backtrack operations.
Prerequisites
CTS has been enabled.
Key Operations Recorded by CTS
|
Operation |
Resource Type |
Event Name |
|---|---|---|
|
Creating a cluster |
cluster |
createCluster |
|
Changing the billing mode of a cluster from pay-per-use to yearly/monthly |
cluster |
updateOndemandClusterToPeriod |
|
Querying cluster details |
cluster |
showClusterDetail |
|
Deleting a cluster |
cluster |
deleteCluster |
|
Changing a cluster name |
cluster |
updateClusterName |
|
Querying the cluster list |
cluster |
listClusters |
|
Changing the password of a cluster |
cluster |
resetPassword |
|
Restarting a cluster |
cluster |
restartCluster |
|
Expanding cluster capacity |
cluster |
updateExtendCluster |
|
Adding instances and expanding storage |
cluster |
updateExtendInstanceStorage |
|
Changing specifications |
cluster |
updateFlavor |
|
Obtaining the instance specifications list |
cluster |
listFlavors |
|
Querying all tags |
cluster |
listClustersTags |
|
Querying the tags of a specified cluster |
cluster |
showClusterTag |
|
Adding tags for a cluster |
cluster |
createClustersTags |
|
Deleting the tags of a cluster |
cluster |
deleteClustersTags |
|
Adding or deleting cluster tags in batches |
cluster |
updateBatchClustersTags |
|
Removing specified nodes |
cluster |
updateShrinkNodes |
|
Changing the specifications of a specified node type |
cluster |
updateFlavorByType |
|
Scaling in nodes of a specific type |
cluster |
updateShrinkCluster |
|
Downloading a security certificate |
cluster |
downloadCert |
|
Replacing a node |
cluster |
updateInstance |
|
Changing the security mode |
cluster |
changeMode |
|
Adding a dedicated Master or Client node |
cluster |
addIndependentNode |
|
Upgrading the cluster kernel |
cluster |
upgradeCore |
|
Obtaining a target image ID |
cluster |
listImages |
|
Obtaining upgrade details |
cluster |
upgradeDetail |
|
Retrying a failed upgrade task |
cluster |
retryUpgradeTask |
|
Changing the security group |
cluster |
changeSecurityGroup |
|
Creating a V2 cluster |
cluster |
createClusterV2 |
|
Restarting a V2 cluster |
cluster |
restartCluster |
|
Rolling restart |
cluster |
rollingRestart |
|
Loading a custom word dictionary |
cluster |
createLoadIkThesaurus |
|
Viewing custom word dictionary configurations |
cluster |
showIkThesaurus |
|
Deleting a custom word dictionary |
cluster |
deleteIkThesaurus |
|
Enabling Kibana public access |
cluster |
startKibanaPublic |
|
Disabling Kibana public access |
cluster |
updateCloseKibana |
|
Modifying the Kibana public network bandwidth |
cluster |
updateAlterKibana |
|
Modifying Kibana public network access control |
cluster |
updatePublicKibanaWhitelist |
|
Disabling Kibana public network access control |
cluster |
stopPublicKibanaWhitelist |
|
Enabling logging |
cluster |
startLogs |
|
Disabling logging |
cluster |
stopLogs |
|
Querying the job list |
cluster |
listLogsJob |
|
Querying basic log configurations |
cluster |
showGetLogSetting |
|
Modifying basic log configurations |
cluster |
updateLogSetting |
|
Enabling automatic log backup |
cluster |
startLogAutoBackupPolicy |
|
Disabling automatic log backup |
cluster |
stopLogAutoBackupPolicy |
|
Backing up logs |
cluster |
createLogBackup |
|
Querying logs |
cluster |
showLogBackup |
|
Enabling public network access |
cluster |
createBindPublic |
|
Disabling public access |
cluster |
updateUnbindPublic |
|
Modifying public network access bandwidth |
cluster |
updatePublicBandWidth |
|
Enabling the public network access whitelist |
cluster |
startPublicWhitelist |
|
Disabling the public network access whitelist |
cluster |
stopPublicWhitelist |
|
Automatically setting basic configurations of a cluster snapshot |
cluster |
startAutoSetting |
|
Modifying basic configurations of a cluster snapshot |
cluster |
updateSnapshotSetting |
|
Manually creating a snapshot |
snapshot |
createSnapshot |
|
Restoring a snapshot |
snapshot |
restoreSnapshot |
|
Deleting a specified snapshot |
snapshot |
deleteSnapshot |
|
Setting an automatic snapshot creation policy |
cluster |
createAutoCreatePolicy |
|
Querying automatic snapshot creation policies |
cluster |
showAutoCreatePolicy |
|
Querying the snapshot list |
cluster |
listSnapshots |
|
Disabling snapshot function |
cluster |
stopSnapshot |
|
Enabling automatic snapshot creation |
cluster |
startAutoCreateSnapshots |
|
Disabling automatic snapshot creation |
cluster |
stopAutoCreateSnapshots |
|
Enabling VPC Endpoint Service |
cluster |
startVpecp |
|
Disabling VPC Endpoint Service |
cluster |
stopVpecp |
|
Obtaining a VPCEP connection |
cluster |
showVpcepConnection |
|
Updating a VPCEP connection |
cluster |
updateVpcepConnection |
|
Modifying the VPCEP whitelist |
cluster |
updateVpcepWhitelist |
|
Modifying parameter settings |
cluster |
listYmls |
|
Obtaining the task list of parameter settings |
cluster |
listYmlsJob |
|
Obtaining the parameter settings list |
cluster |
updateYmls |
|
Querying ELB V3 load balancers supported by a cluster |
cluster |
listElbs |
|
Enabling or disabling the Elasticsearch Load Balancer |
cluster |
enableOrDisableElb |
|
Configuring an Elasticsearch listener |
cluster |
createElbListener |
|
Obtaining information about an Elasticsearch ELB |
cluster |
showElbDetail |
|
Updating an Elasticsearch listener |
cluster |
updateEsListener |
|
Querying the certificate list |
cluster |
listElbCerts |
|
Obtaining the intelligent O&M task list and details |
cluster |
listAiOps |
|
Creating a cluster detection task |
cluster |
createAiOps |
|
Deleting a detection task record |
cluster |
deleteAiOps |
|
Obtaining SMN topics available for intelligent O&M alarms |
cluster |
listSmnTopics |
Querying Real-Time Traces
After a management tracker is created on the CTS console, the system starts recording operations performed on cloud service resources. After a data tracker is created, the system starts recording operations performed on data in OBS buckets. CTS retains operation records generated in the latest seven days.
To view or export operation records of the last seven days on the CTS console, see Querying Real-Time Traces.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
