Delivering Logs to LTS
Scenario
SecMaster can integrate logs of other cloud products, such as WAF, HSS, and CFW. For details about how to integrate, see Data Integration.
You can deliver integrated logs to Log Tank Service (LTS) for real-time decision-making and analysis, device O&M management, and service trend analysis.
This topic walks you through how to deliver integrated logs to LTS. The procedure is as follows:
Prerequisites
- Logs you want to deliver have been aggregated in SecMaster. For details, see Data Integration.
- To deliver data to LTS, ensure there is an available log group and log streams. For details, see Managing Log Groups and Managing Log Streams.
Step 1: Create a Data Delivery Task
- Log in to the management console.
- Click in the upper left corner of the management console and select a region or project.
- Click in the upper left corner of the page and choose Security & Compliance > SecMaster.
- In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
Figure 1 Workspace management page
- In the navigation pane on the left, choose
. The security analysis page is displayed.Figure 2 Accessing the Security Analysis tab page
- In the data space navigation tree on the left, click the data space name to expand all pipelines. Next to the name of the target pipeline, click More > Deliver.
Figure 3 Accessing data delivery settings page
- (Optional) Authorization is required first time you start a delivery to a specific destination type. If the destination type has been authorized, skip this step.
Confirm the authorization information, select Agree to authorize and click OK.
- On the Create Delivery page, set data delivery parameters.
- Delivery Name: Enter a data delivery name.
- Account Type: Select Current. Only logs of the current account can be delivered to LTS.
- Delivery Type: Select LTS.
- Log Group: Select an LTS log group. If no log group is available, create one. For details, see Creating an LTS Log Group.
- Log Stream: Select a destination LTS log stream. If no log stream is available, create one. For details, see Creating an LTS Log Stream.
Other configuration parameters are generated by the system by default and do not need to be configured.
- Under Access Authorization, view the permissions granted in 7.
A delivery requires the read and write permissions to access your cloud resources. A delivery task cannot access your cloud resources unless the access is authorized by you.
- Click OK.
Step 2: Authorize the Data Delivery
- Log in to the management console.
- Click in the upper left corner of the management console and select a region or project.
- Click in the upper left corner of the page and choose Security & Compliance > SecMaster.
- In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
Figure 4 Workspace management page
- In the navigation pane on the left, choose Data Delivery tab. . On the Security Analysis page displayed, select the
- On the Data Delivery tab, click the Cross-Tenant Permissions tab. On the page displayed, click Accept in the Operation column of the target delivery task.
To accept authorization in batches, select all tasks to be authorized and click Accept in the upper left corner of the list.
Figure 5 Authorization for data delivery
After the authorization is granted, the authorization status of the target delivery task is updated to Authorized. You can go to the delivery destination to view the delivery details.
Step 3: View the Delivered Data in LTS
- Log in to the management console.
- Click in the upper left corner of the management console and select a region or project.
- Click in the upper left corner of the page and choose Management & Governance > Log Tank Service.
- In the log group list on the Log Management page, locate the log group for which you want to add data delivery and click before the log group name.
- Click the name of the log stream selected during data delivery. The log stream details page is displayed.
- On the log stream details page, view the delivered logs.
Operations Related to Data Delivery Authorization
On the Cross-tenant Permissions tab page, you can select to Reject or Cancel the authorization.
Operation |
Method |
---|---|
Reject |
In the row containing the target delivery task, click Reject in the Operation column to reject the authorization. To reject authorization in batches, select all tasks to be rejected and click Reject in the upper left corner of the list. |
Cancel |
|
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot