Enabling Log Access

Updated on 2024-10-29 GMT+08:00

View PDF

Scenario

SecMaster can access logs of multiple cloud products with your authorization. After you authorize the access, you can manage logs centrally and search and analyze all collected logs.

This topic describes how to access logs and view where logs are stored.

Limitations and Constraints

It takes about 10 minutes for the log access settings to take effect.

Allowing SecMaster to Access Service Logs

Log in to the management console.
Click in the upper part of the page and choose Security > SecMaster.
In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
In the navigation pane on the left, choose Settings > Data Integration.
Locate the cloud service from which you want to collect logs, click in the Logs column to enable log access.

To access logs of cloud services supported in the current region, click on the left of Access Service Logs.
Set the lifecycle.

By default, data is stored for 7 days. You can set the storage period as required.
Set Automatically converts alarms.

Locate the row containing the target security products. In the Automatically converts alarms column of that row, click to enable the function. After that, SecMaster will automatically convert cloud service logs into alerts when the logs meet certain alert rules. Those alerts will be displayed on the Alerts page.
NOTE:
- If this function is disabled, logs that meet certain alert rules will not be converted to alerts or displayed on the Alerts page.
- You can access host vulnerability scan results on the Vulnerabilities page of SecMaster. If such results have been accessed during data integration but this conversion function is disabled, the results will not be displayed on the Vulnerabilities page.
Click Save. In the displayed dialog box, click OK.

NOTE:

It takes about 10 minutes for the log access settings to take effect. After the access completes, a default data space and pipeline are created.

Viewing the Log Storage Location

Log in to the management console.
Click in the upper part of the page and choose Security > SecMaster.
In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
In the navigation pane on the left, choose Settings > Data Integration. On the displayed Cloud Service Access tab, view the log data storage location in the Storage Location column.

You can go to the corresponding pipeline in the target workspace to view the accessed logs.

Related Operations

Canceling Data Access
1. In the Log column of the target cloud services, click to disable the access to cloud service logs.
2. Click Save.
Editing the Data Access Lifecycle
1. In the Lifecycle column of the target cloud services, enter the data storage period.
2. Click Save.
Canceling Automatic Converting Logs to Alarms
1. In the Automatically converts alarms column of the target cloud products, click to disable the alarms.
2. Click Save.

Parent topic: Data Integration

Previous topic: Log Access Supported by SecMaster

Next topic: Customizing Directories

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot