Updated on 2024-11-19 GMT+08:00

Creating a Tracker

Scenario

You can create data trackers to log operations on data. Data trackers record data traces, that is, logs of tenant operations (such as upload and download) on data in OBS buckets.

When you enable CTS, a management tracker is created automatically. Only one management tracker can be created. The trackers you created are all data trackers.

  • CTS records operations performed in the last seven days. To store traces for a longer time, configure a tracker. The tracker will store traces to your specified LTS log streams or OBS buckets.

Prerequisites

You have enabled CTS. For details, see Overview.

Creating a Data Tracker

  1. Log in to the management console.
  2. In the service list, choose Management & Governance > Cloud Trace Service. The CTS console is displayed.
  3. Choose Tracker List in the left navigation pane. In the upper right corner of the displayed page, click Create Tracker.
  4. Set basic information. Enter a tracker name. Click Next.
    • Tracker name contains only letters, digits, hyphens (-), and underscores (_), and must start with a letter or digit.
    • Tracker name cannot be empty and contains a maximum of 32 characters.
    • The name of the data tracker cannot be system or system-trace.
  5. Select a trace. Set parameters and click Next.
    Table 1 Parameters for selecting a trace

    Parameter

    Description

    Data Trace Source

    Container for storing data traces. Currently, OBS buckets are used.

    OBS Bucket

    Select an OBS bucket from the drop-down list.

    Operation

    • Select the operations to record.
    • Options: Read and Write. Select at least one of them.
  6. Configure a transfer. Set parameters and click Next. You can query operation records of the last seven days on the CTS console. To store and query operation records beyond seven days, transfer them to OBS or LTS. For details, see Table 2 and Table 3.
    Table 2 Parameters for configuring the transfer to OBS

    Parameter

    Description

    Transfer to OBS

    If you select Yes, select an existing OBS bucket or create one on the Configure Tracker page and set File Prefix.

    When Transfer to OBS is disabled, no operation is required.

    Create a cloud service agency.

    (Mandatory) If you select this check box, CTS automatically creates a cloud service agency when you create a tracker. The agency authorizes you to use OBS.

    OBS Bucket

    New: An OBS bucket will be created automatically with the name you enter.

    Existing: Select an existing OBS bucket.

    Select Bucket

    When you select New, enter an OBS bucket name. The OBS bucket name cannot be empty. It can contain 3 to 63 characters, including only lowercase letters, digits, hyphens (-), and periods (.). It cannot contain two consecutive periods (for example, my..bucket). A period (.) and a hyphen (-) cannot be adjacent to each other (for example, my-.bucket and my.-bucket). Do not use an IP address as a bucket name.

    When you select Existing, select an existing OBS bucket.

    Retention Period

    The duration for storing traces in the OBS bucket. This configuration will apply to the selected bucket and all files in it. Different compliance standards require different trace retention periods. You are advised to set the retention period to at least 180 days.
    • For a data tracker, you can set the duration to 30 days, 60 days, 90 days, 180 days, 3 years, or the same as that of OBS.

    File Prefix

    A file prefix is used to mark transferred trace files. The prefix you set will be automatically added to the beginning of the file names, facilitating file filtering. Enter 0 to 64 characters. Only letters, digits, underscores (_), hyphens (-), and periods (.) are allowed.

    Compression

    The space object storage can be reduced.
    • No: Transfer files in the *.json format.
    • gzip: Transfer files in *.json.gz format.

    Sort by Cloud Service

    • When this function is enabled, the cloud service name is added to the transfer file path, and multiple small files are generated in OBS. Example: /CloutTrace/cn-north-7/2022/11/8/doctest/Cloud service/_XXX.json.gz
    • When this function is disabled, the cloud service name will not be added to the transfer file path. Example: /CloutTrace/cn-north-7/2022/11/8/doctest/_XXX.json.gz

    Log Transfer Path

    Log transfer path is automatically set by the system.

    Verify Trace File

    When this function is enabled, integrity verification will be performed to check whether trace files in OBS buckets have been tampered with. For details about file integrity verification, see Verifying Trace File Integrity.

    Table 3 Parameters for configuring the transfer to LTS

    Parameter

    Description

    Transfer to LTS

    When Transfer to LTS is enabled, traces are transferred to the log stream.

    Log group name

    When Transfer to LTS is enabled, the default log group name CTS is set. When Transfer to LTS is disabled, no operation is required.

  7. Preview the tracker information and click Create.
  8. Click OK.