Help Center/ Anti-DDoS Service/ User Guide/ Advanced Anti-DDoS User Guide/ Querying Audit Logs/ Viewing CTS Traces
Updated on 2025-08-20 GMT+08:00
View PDF
Share

Viewing CTS Traces

After you enable CTS, the system starts recording operations on Anti-DDoS Service. You can view the operation records of the last 7 days on the CTS console.

Prerequisites

You have enabled CTS. For details, see Enabling CTS.

Viewing AAD Audit Logs

  1. Log in to the CTS console.
  2. Choose Trace List in the navigation pane on the left.
  3. Select Trace Source from the drop-down list, enter AAD, and press Enter.
  4. Click a trace name in the query result to view the event details.

    You can use the advanced search function to combine one or more filter criteria in the filter box.
    • Enter Trace Name, Resource Name, Resource ID, and Trace ID.
      • Resource Name: If the cloud resource involved in the trace does not have a name or the corresponding API operation does not involve resource names, this field is left empty.
      • Resource ID: If the resource does not have a resource ID or the resource fails to be created, this field is left empty.
    • Trace Source and Resource Type: Select the corresponding cloud service name or resource type from the drop-down list.
    • Operator: Select one or more operators from the drop-down list.
    • Trace Status: The value can be normal, warning, or incident. You can select only one of them.
      • normal: indicates that the operation is successful.
      • warning: indicates that the operation failed.
      • incident: indicates a situation that is more serious than an operation failure, for example, other faults are caused.
    • Time range: You can query traces generated in the last hour, day, or week, or customize traces generated in any time period of the last week.

Parent Topic: Querying Audit Logs