All Products
Search

This Product

    Simple Log Service:Configure a user identifier

    Document Center

    Simple Log Service:Configure a user identifier

    Last Updated:Nov 29, 2024

    If you want to use Logtail to collect logs from a server that belongs to a different Alibaba Cloud account from your Simple Log Service project, a server from a third-party cloud service provider, or a server in a data center, you must perform the following operations: Install Logtail on the server, create a file on the server, and grant Simple Log Service the permissions to collect logs from the server by using Logtail. The name of the file is the ID of the Alibaba Cloud account to which your Simple Log Service project belongs. For more information, see Install Logtail. This topic describes how to use the ID of an Alibaba Cloud account to configure a user identifier on a server.

    Important

    • If you want to collect logs from an Elastic Compute Service (ECS) instance that belongs to another Alibaba Cloud account, a server that is deployed in a self-managed data center, or a server that is provided by a third-party cloud service provider, you must configure a user identifier for your server.

    • You must specify the ID of an Alibaba Cloud account as a user identifier in the user identifier file. You cannot specify the ID of a Resource Access Management (RAM) user as a user identifier.

    • You must specify the name of the user identifier file. You do not need to specify the file extension.

    • You can specify multiple user identifiers for a server. However, you can specify only one user identifier for a Logtail container.

    Obtain the ID of the Alibaba Cloud account to which your Simple Log Service project belongs

    1. Log on to the Simple Log Service console by using an Alibaba Cloud account.

    2. Use one of the following methods to obtain the ID of the Alibaba Cloud account:

      Use Cloud Shell

      Open Cloud Shell and run the following command to obtain the ID of the Alibaba Cloud account: 

      echo $ALIBABA_CLOUD_ACCOUNT_ID

      获取主账号ID

      Note

      Resource Access Management (RAM) users are not supported.

      Use the console

      In the upper-right corner of the homepage of the Simple Log Service console, move the pointer over the profile picture. In the popover that appears, view and copy the value of the Account ID parameter. image

      If you log on to the Simple Log Service console by using a RAM user, copy the value of the Main Account ID parameter.image

    Configure a user identifier

    Log on to the server from which you want to collect logs. Configure a user identifier for the server by using one of the following methods:

    Linux system

    • In the /etc/ilogtail/users directory, create a file whose name is the obtained ID of the Alibaba Cloud account. 

      touch /etc/ilogtail/users/{ID of the Alibaba Cloud account}
      Important

      • If the /etc/ilogtail/users directory does not exist, create the directory.

      • After you configure or delete a user identifier, the configuration takes effect within 1 minute.

    • If you want to use multiple Simple Log Service projects that belong to different Alibaba Cloud accounts to collect logs from the same server, you can create multiple files whose names are the IDs of the Alibaba Cloud accounts on the server. Examples:

      touch /etc/ilogtail/users/{Alibaba Cloud account ID 1}
touch /etc/ilogtail/users/{Alibaba Cloud account ID 2}

    Windows system

    • In the C:\LogtailData\users directory, create a file whose name is the obtained ID of the Alibaba Cloud account.

      • Run the following command in Windows PowerShell to create the file: 

        ni C:\LogtailData\users\{ID of the Alibaba Cloud account}

      • Run the following command in the Command Prompt to create the file: 

        type nul > C:\LogtailData\users\{ID of the Alibaba Cloud account}

    • If you want to use multiple Simple Log Service projects that belong to different Alibaba Cloud accounts to collect logs from the same server, you can create multiple files whose names are the IDs of the Alibaba Cloud accounts on the server.

    Container environment

    If you deploy Logtail in a Kubernetes cluster and use logtail-ds V1.7.3 or later, you can configure a custom identifier in the Container Service for Kubernetes (ACK) console. You can modify the LogtailDSExternalUserDefinelDs parameter of the logtail-ds component on the Add-ons page. For more information, see Manage components.

    Delete a user identifier

    Linux system

    Delete the file whose name is the ID of your Alibaba Cloud account to delete the related user identifier: 

    rm /etc/ilogtail/users/{ID of the Alibaba Cloud account}

    Windows system

    Delete the file whose name is the ID of your Alibaba Cloud account to delete the related user identifier: 

    del C:\LogtailData\users\{ID of the Alibaba Cloud account}
    Important

    If you no longer need to collect logs, we recommend that you delete the file whose name is the ID of your Alibaba Cloud account to avoid information leaks.

    What to do next

    After you configure a user identifier, you can create a machine group. For more information, see Manage machine groups.