- What's New
- Function Overview
- Service Overview
- Getting Started
-
User Guide
- Before You Start
- Logging In to Huawei Cloud
- IAM Users
- User Groups and Authorization
- Permissions Management
- Projects
- Agencies
- Security Settings
- Identity Providers
- Custom Identity Broker
- MFA Authentication and Virtual MFA Device
- Viewing IAM Operation Records
- Quotas
- Best Practices
-
API Reference
- Before You Start
- API Overview
- Calling APIs
- Getting Started
-
API
- Token Management
-
Access Key Management
- Obtaining Temporary Access Keys and Security Tokens of an Agency
- Obtaining Temporary Access Keys and Security Tokens of an IAM User
- Obtaining Temporary Access Keys and Security Tokens of a Federated User
- Creating a Permanent Access Key
- Querying Permanent Access Keys
- Querying a Permanent Access Key
- Modifying a Permanent Access Key
- Deleting a Permanent Access Key
- Region Management
- Project Management
- Account Management
-
IAM User Management
- Listing IAM Users
- Querying IAM User Details (Recommended)
- Querying IAM User Details
- Querying the User Groups Which an IAM User Belongs to
- Querying the IAM Users in a Group
- Creating an IAM User (Recommended)
- Creating an IAM User
- Changing the Login Password
- Modifying IAM User Information (By an IAM User) (Recommended)
- Modifying IAM User Information (By the Administrator) (Recommended)
- Modifying IAM User Information (By the Administrator)
- Deleting an IAM User
- User Group Management
-
Permissions Management
- Listing Permissions
- Querying Permission Details
- Querying Permissions Assignment Records
- Querying Permissions of a User Group for a Global Service Project
- Querying Permissions of a User Group for a Region-specific Project
- Granting Permissions to a User Group for a Global Service Project
- Granting Permissions to a User Group for a Region-specific Project
- Checking Whether a User Group Has Specified Permissions for a Global Service Project
- Checking Whether a User Group Has Specified Permissions for a Region-specific Project
- Querying All Permissions of a User Group
- Checking Whether a User Group Has Specified Permissions for All Projects
- Removing Specified Permissions of a User Group in All Projects
- Removing Permissions of a User Group for a Global Service Project
- Removing the Permissions of a User Group for a Region-specific Project
- Granting Permissions to a User Group for All Projects
- Custom Policy Management
-
Agency Management
- Listing Agencies
- Querying Agency Details
- Creating an Agency
- Modifying an Agency
- Deleting an Agency
- Querying Permissions of an Agency for a Global Service Project
- Querying Permissions of an Agency for a Region-specific Project
- Granting Permissions to an Agency for a Global Service Project
- Granting Permissions to an Agency for a Region-specific Project
- Checking Whether an Agency Has Specified Permissions for a Global Service Project
- Checking Whether an Agency Has Specified Permissions for a Region-specific Project
- Removing Permissions of an Agency for a Global Service Project
- Removing Permissions of an Agency for a Region-specific Project
- Querying All Permissions of an Agency
- Granting Specified Permissions to an Agency for All Projects
- Checking Whether an Agency Has Specified Permissions
- Removing Specified Permissions of an Agency in All Projects
-
Enterprise Project Management
- Querying User Groups Associated with an Enterprise Project
- Querying the Permissions of a User Group Associated with an Enterprise Project
- Granting Permissions to a User Group Associated with an Enterprise Project
- Removing Permissions of a User Group Associated with an Enterprise Project
- Querying the Enterprise Projects Associated with a User Group
- Querying the Enterprise Projects Directly Associated with an IAM User
- Querying Users Directly Associated with an Enterprise Project
- Querying Permissions of a User Directly Associated with an Enterprise Project
- Granting Permissions to a User Associated with an Enterprise Project
- Removing Permissions of a User Directly Associated with an Enterprise Project
- Granting Permissions to Agencies Associated with Specified Enterprise Projects
- Removing Permissions of Agencies Associated with Specified Enterprise Projects
-
Security Settings
- Modifying the Operation Protection Policy
- Querying the Operation Protection Policy
- Modifying the Password Policy
- Querying the Password Policy of an Account
- Modifying the Login Authentication Policy
- Querying the Login Authentication Policy
- Modifying the ACL for Console Access
- Querying the ACL for Console Access
- Modifying the ACL for API Access
- Querying the ACL for API Access
- Listing MFA Device Information of IAM Users
- Querying the MFA Device Information of an IAM User
- Listing Login Protection Configurations of IAM Users
- Querying the Login Protection Configuration of an IAM User
- Modifying the Login Protection Configuration of an IAM User
- Binding a Virtual MFA Device
- Unbinding a Virtual MFA Device
- Creating a Virtual MFA Device
- Deleting a Virtual MFA Device
-
Federated Identity Authentication Management
- Obtaining a Token Through Federated Identity Authentication
-
Identity Providers
- Listing Identity Providers
- Querying Identity Provider Details
- Creating an Identity Provider
- Modifying a SAML Identity Provider
- Deleting a SAML Identity Provider
- Creating an OpenID Connect Identity Provider Configuration
- Modifying an OpenID Connect Identity Provider
- Querying an OpenID Connect Identity Provider
- Mappings
- Protocols
- Metadata
- Token
- Listing Accounts Accessible to Federated Users
- Listing Projects Accessible to Federated Users
- Custom Identity Brokers
- Version Information Management
- Services and Endpoints
- Out-of-Date APIs
- Permissions and Actions
- Appendix
- Change History
- SDK Reference
-
FAQs
-
User Groups and Permissions Management
- Why Can't I Find Permissions for a Cloud Service?
- How Do I Grant Cloud Service Permissions in the EU-Dublin Region to IAM Users?
- Why Have Permissions Granted to a User Not Been Applied?
- What Should I Do If an IAM User Does Not Have the Required Permissions to Access the IAM Console?
- How Can I Grant an IAM User Permissions to Place Orders But Disallow Order Payment?
- IAM User Management
-
Security Settings
- How Do I Enable Login Verification?
- How Do I Disable Login Verification?
- How Do I Change the Verification Method for Performing Critical Operations?
- How Do I Disable Operation Protection?
- How Do I Bind a Virtual MFA Device?
- How Do I Obtain a Virtual MFA Verification Code?
- How Do I Unbind or Remove a Virtual MFA Device?
- Why Does MFA Authentication Fail?
- Why Am I Not Getting the Verification Code?
- Why Is My Account Locked?
- Why Doesn't My API Access Control Policy Take Effect?
- Why Do I Still Need to Perform MFA During Login After Unbinding the Virtual MFA Device?
-
Passwords and Credentials
- What Should I Do If I Forgot My Password?
- How Do I Change My Password?
- How Do I Obtain an Access Key (AK/SK)?
- What Should I Do If I Have Forgotten My Access Key (AK/SK)?
- What Are Temporary Security Credentials (AK/SK and Security Token)?
- How Do I Obtain a Token with Security Administrator Permissions?
- How Do I Obtain Access Keys (AK/SK Pairs) for the EU-Dublin Region?
- Project Management
- Agency Management
- Account Management
- Others
-
User Groups and Permissions Management
- Videos
-
More Documents
-
User Guide (ME-Abu Dhabi Region)
- Service Overview
- Getting Started
-
User Guide
- Before You Start
- IAM Users
- User Groups and Authorization
- Permissions
- Projects
- Agencies
- Account Security Settings
- Identity Providers
- MFA Authentication and Virtual MFA Device
- Viewing IAM Operation Records
- Quotas
-
FAQs
- User Groups and Permissions Management
- IAM User Management
-
Security Settings
- How Do I Enable Login Authentication?
- How Do I Disable Login Authentication?
- How Do I Change the Verification Method for Performing Critical Operations?
- How Do I Disable Operation Protection?
- How Do I Bind a Virtual MFA Device?
- How Do I Obtain a Virtual MFA Verification Code?
- How Do I Unbind or Remove a Virtual MFA Device?
- Why Does MFA Authentication Fail?
- Why Am I Not Getting the Verification Code?
-
Passwords and Credentials
- How Do I Reset My Password?
- How Do I Change My Password?
- What Should I Do If I Have Forgotten My Access Key (AK/SK)?
- What Are Temporary Security Credentials (AK/SK and SecurityToken)?
- How Do I Obtain a Token with Security Administrator Permissions?
- How Do I Obtain an Access Key (AK/SK) in the ME-Abu Dhabi-OP5 Region?
- Project Management
- Agency Management
- Others
- Change History
- API Reference (ME-Abu Dhabi Region)
-
User Guide (Paris Regions)
- Service Overview
- Getting Started
-
User Guide
- IAM Users
- User Groups and Authorization
- Permissions
- Account Settings
- Projects
- Agencies
- Identity Providers
- MFA Authentication and Virtual MFA Device
- Auditing
-
FAQs
- How Do I Enable Login Authentication?
- How Do I Bind a Virtual MFA Device?
- How Do I Obtain MFA Verification Codes?
- How Do I Unbind a Virtual MFA Device?
- Why Does IAM User Login Fail?
- How Do I Control IAM User Access to the Console?
- Differences Between IAM and Enterprise Management
- What Are the Differences Between IAM Projects and Enterprise Projects?
- How Can I Obtain Permissions to Create an Agency?
- What Can I Do If Text Box Prompt Information Does Not Disappear?
- How Do I Disable Password Association and Saving on Google Chrome?
- How Do I Grant Cloud Service Permissions in the EU-Paris Region to IAM Users?
- How Do I Obtain an Access Key (AK/SK) in the EU-Paris Region?
- Change History
- API Reference (Paris Regions)
-
User Guide (Kuala Lumpur Region)
- Service Overview
- Getting Started
-
User Guide
- Before You Start
- IAM Users
- User Groups and Authorization
- Permissions Management
- Projects
- Agencies
- Security Settings
- Identity Providers
- MFA Authentication and Virtual MFA Device
- Viewing IAM Operation Records
- Quotas
-
FAQs
- User Groups and Permissions Management
- IAM User Management
-
Security Settings
- How Do I Enable Login Verification?
- How Do I Disable Login Verification?
- How Do I Change the Verification Method for Performing Critical Operations?
- How Do I Disable Operation Protection?
- How Do I Bind a Virtual MFA Device?
- How Do I Obtain a Virtual MFA Verification Code?
- How Do I Unbind or Remove a Virtual MFA Device?
- Why Does MFA Authentication Fail?
- Why Am I Not Getting the Verification Code?
- Why Is My Account Locked?
- Why Do I Still Need to Perform MFA During Login After Unbinding the Virtual MFA Device?
-
Passwords and Credentials
- What Should I Do If I Forgot My Password?
- How Do I Change My Password?
- What Should I Do If I Have Forgotten My Access Key (AK/SK)?
- What Are Temporary Security Credentials (AK/SK and Security Token)?
- How Do I Obtain a Token with Security Administrator Permissions?
- How Do I Obtain an Access Key (AK/SK) in the AP-Kuala Lumpur-OP6 Region?
- Project Management
- Agency Management
- Others
- Change History
-
API Reference (Kuala Lumpur Region)
- Before You Start
- API Overview
- Calling APIs
-
APIs
- Token Management
- Access Key Management
- Region Management
-
Project Management
- Querying Project Information Based on the Specified Criteria
- Querying a User Project List
- Querying the List of Projects Accessible to Users
- Creating a Project
- Modifying Project Data
- Querying Information About a Specified Project
- Setting the Status of a Specified Project
- Querying Information and Status of a Specified Project
- Querying the Quotas of a Project
- Tenant Management
-
User Management
- Querying a User List
- Querying User Details
- Querying User Details (Recommended)
- Querying the User Group to Which a User Belongs
- Querying Users in a User Group
- Creating a User
- Changing a Password
- Modifying User Information
- Modifying User Information (Including Email Address and Mobile Number)
- Modifying User Information (Including Email Address and Mobile Number)
- Deleting a User
- Deleting a User from a User Group
- Querying MFA Device Information of Users
- Querying the MFA Device Information of a User
- Querying Login Protection Configurations of Users
- Querying the Login Protection Configuration of a User
- Creating a Virtual MFA Device
- Deleting a Virtual MFA Device
- Binding a Virtual MFA Device
- Unbinding a Virtual MFA Device
- Modifying the Login Protection Configuration of a User
- User Group Management
-
Permission Management
- Querying a Role List
- Querying Role Details
- Querying Permissions of a User Group Under a Domain
- Querying Permissions of a User Group Corresponding to a Project
- Granting Permissions to a User Group of a Domain
- Granting Permissions to a User Group Corresponding to a Project
- Deleting Permissions of a User Group Corresponding to a Project
- Deleting Permissions of a User Group of a Domain
- Querying Whether a User Group Under a Domain Has Specific Permissions
- Querying Whether a User Group Corresponding to a Project Has Specific Permissions
- Granting Permissions to a User Group for All Projects
- Removing Specified Permissions of a User Group in All Projects
- Checking Whether a User Group Has Specified Permissions for All Projects
- Querying All Permissions of a User Group
- Custom Policy Management
-
Agency Management
- Creating an Agency
- Querying an Agency List Based on the Specified Conditions
- Obtaining Details of a Specified Agency
- Modifying an Agency
- Deleting an Agency
- Granting Permissions to an Agency for a Project
- Checking Whether an Agency Has the Specified Permissions on a Project
- Querying the List of Permissions of an Agency on a Project
- Deleting Permissions of an Agency on a Project
- Granting Permissions to an Agency on a Domain
- Checking Whether an Agency Has the Specified Permissions on a Domain
- Querying the List of Permissions of an Agency on a Domain
- Deleting Permissions of an Agency on a Domain
- Querying All Permissions of an Agency
- Granting Specified Permissions to an Agency for All Projects
- Checking Whether an Agency Has Specified Permissions
- Removing Specified Permissions of an Agency in All Projects
-
Security Settings
- Querying the Operation Protection Policy
- Modifying the Operation Protection Policy
- Querying the Password Policy
- Modifying the Password Policy
- Querying the Login Authentication Policy
- Modifying the Login Authentication Policy
- Querying the ACL for Console Access
- Modifying the ACL for Console Access
- Querying the ACL for API Access
- Modifying the ACL for API Access
- Federated Identity Authentication Management
- Version Information Management
- Services and Endpoints
- Permissions Policies and Supported Actions
- Appendix
- Change History
-
User Guide (Ankara Region)
- Service Overview
- Getting Started
-
User Guide
- Before You Start
- IAM Users
- User Groups and Authorization
- Permissions Management
- Projects
- Agencies
- Security Settings
- Identity Providers
- MFA Authentication and Virtual MFA Device
- Quotas
-
FAQs
- IAM User Management
-
Security Settings
- How Do I Enable Login Verification?
- How Do I Disable Login Verification?
- How Do I Change the Verification Method for Performing Critical Operations?
- How Do I Disable Operation Protection?
- How Do I Bind a Virtual MFA Device?
- How Do I Obtain a Virtual MFA Verification Code?
- How Do I Unbind or Remove a Virtual MFA Device?
- Why Does MFA Authentication Fail?
- Why Am I Not Getting the Verification Code?
- Passwords and Credentials
- Agency Management
- Others
- Change History
- API Reference (Ankara Region)
-
User Guide (ME-Abu Dhabi Region)
- General Reference
Copied.
Viewing CTS Traces in the Trace List
Scenarios
After you enable CTS and the management tracker is created, CTS starts recording operations on cloud resources. After a data tracker is created, the system starts recording operations on data in Object Storage Service (OBS) buckets. Cloud Trace Service (CTS) stores operation records (traces) generated in the last seven days.
These operation records are retained for seven days on the CTS console and are automatically deleted upon expiration. Manual deletion is not supported.
This section describes how to query or export operation records of the last seven days on the CTS console.
Constraints
- Traces of a single account can be viewed on the CTS console. Multi-account traces can be viewed only on the Trace List page of each account, or in the OBS bucket or the CTS/system log stream configured for the management tracker with the organization function enabled.
- You can only query operation records of the last seven days on the CTS console. To store operation records for longer than seven days, you must configure transfer to OBS or Log Tank Service (LTS) so that you can view them in OBS buckets or LTS log groups.
- After performing operations on the cloud, you can query management traces on the CTS console one minute later and query data traces five minutes later.
- Data traces are not displayed in the trace list of the new version. To view them, you need to go to the old version.
Viewing Real-Time Traces in the Trace List of the New Edition
- Log in to the management console.
- Click
in the upper left corner and choose Management & Governance > Cloud Trace Service. The CTS console is displayed.
- Choose Trace List in the navigation pane on the left.
- On the Trace List page, use advanced search to query traces. You can combine one or more filters.
- Trace Name: Enter a trace name.
- Trace ID: Enter a trace ID.
- Resource Name: Enter a resource name. If the cloud resource involved in the trace does not have a resource name or the corresponding API operation does not involve the resource name parameter, leave this field empty.
- Resource ID: Enter a resource ID. Leave this field empty if the resource has no resource ID or if resource creation failed.
- Trace Source: Select a cloud service name from the drop-down list.
- Resource Type: Select a resource type from the drop-down list.
- Operator: Select one or more operators from the drop-down list.
- Trace Status: Select normal, warning, or incident.
- normal: The operation succeeded.
- warning: The operation failed.
- incident: The operation caused a fault that is more serious than the operation failure, for example, causing other faults.
- Enterprise Project ID: Enter an enterprise project ID.
- Access Key: Enter a temporary or permanent access key ID.
- Time range: Select Last 1 hour, Last 1 day, or Last 1 week, or specify a custom time range within the last seven days.
- On the Trace List page, you can also export and refresh the trace list, and customize columns to display.
- Enter any keyword in the search box and press Enter to filter desired traces.
- Click Export to export all traces in the query result as an .xlsx file. The file can contain up to 5,000 records.
- Click
to view the latest information about traces.
- Click
to customize the information to be displayed in the trace list. If Auto wrapping is enabled (
), excess text will move down to the next line; otherwise, the text will be truncated. By default, this function is disabled.
- For details about key fields in the trace structure, see Trace Structure and Example Traces.
- (Optional) On the Trace List page of the new edition, click Go to Old Edition in the upper right corner to switch to the Trace List page of the old edition.
Viewing Real-Time Traces in the Trace List of the Old Edition
- Log in to the management console.
- Click
in the upper left corner and choose Management & Governance > Cloud Trace Service. The CTS console is displayed.
- Choose Trace List in the navigation pane on the left.
- Each time you log in to the CTS console, the new edition is displayed by default. Click Go to Old Edition in the upper right corner to switch to the trace list of the old edition.
- Set filters to search for your desired traces. The following filters are available.
- Trace Type, Trace Source, Resource Type, and Search By: Select a filter from the drop-down list.
- If you select Resource ID for Search By, specify a resource ID.
- If you select Trace name for Search By, specify a trace name.
- If you select Resource name for Search By, specify a resource name.
- Operator: Select a user.
- Trace Status: Select All trace statuses, Normal, Warning, or Incident.
- Time range: Select Last 1 hour, Last 1 day, or Last 1 week, or specify a custom time range within the last seven days.
- Trace Type, Trace Source, Resource Type, and Search By: Select a filter from the drop-down list.
- Click Query.
- On the Trace List page, you can also export and refresh the trace list.
- Click Export to export all traces in the query result as a CSV file. The file can contain up to 5,000 records.
- Click
to view the latest information about traces.
- Click
on the left of a trace to expand its details.
- Click View Trace in the Operation column. The trace details are displayed.
- For details about key fields in the trace structure, see Trace Structure and Example Traces in the CTS User Guide.
- (Optional) On the Trace List page of the old edition, click New Edition in the upper right corner to switch to the Trace List page of the new edition.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot