Elasticsearch is integrated with ActionTrail. In the ActionTrail console, you can query the management events that are generated when you manage Elasticsearch resources. ActionTrail can deliver management events to Simple Log Service Logstores or Object Storage Service (OSS) buckets. This way, you can audit the events in real time and locate the causes of issues.
ActionTrail generates management events when you manage cloud resources by using APIs or the Alibaba Cloud Management Console. The following table describes the management events of Elasticsearch that you can query in the ActionTrail console.
Event name | Description |
ActivateCloudMigration | Migrates cloud data in a self-managed Elasticsearch cluster. |
ActivateZones | Restores the nodes in a disabled zone for an Elasticsearch cluster. |
AddConnectableCluster | Establishes a network connection between two Elasticsearch clusters. |
AddSnapshotRepo | Creates a shared OSS repository for an Elasticsearch cluster. |
AttachMigrationJob | Triggers a migration task. |
CancelDeletion | Disables release protection for an Elasticsearch cluster. |
CancelLogstashDeletion | Disables release protection for a Logstash cluster. |
CancelTask | Cancels a data migration task of an Elasticsearch cluster. |
CheckDiagnosisServiceStatus | Checks whether intelligent O&M is enabled. |
CloseDiagnosis | Disables intelligent O&M for an Elasticsearch cluster. |
CloseHttps | Disables HTTPS for an Elasticsearch cluster. |
CloseManagedIndex | Disables index hosting for an Elasticsearch cluster. |
CloseSaml | Disables Security Assertion Markup Language (SAML) authentication. |
ContinueEsVersionUpgrade | Continues the phased change of an Elasticsearch version upgrade. |
Create | Purchases resources on the buy page. |
CreateCollector | Creates a Beats shipper. |
CreateComponentIndex | Creates a composable index template. |
CreateDataStream | Creates a data stream. This operation is available only for Elasticsearch clusters of the Advanced Edition. |
CreateDataTasks | Creates an index migration task. |
CreateILMPolicy | Creates an index lifecycle policy. |
CreateIndexTemplate | Creates an index template. |
createInstance | Creates an Elasticsearch cluster. |
CreateLogstash | Creates a Logstash cluster. |
CreateMigrationJob | Creates a migration task. |
CreatePipelines | Creates a pipeline in a Logstash cluster. |
CreateProject | Creates a project. |
CreateSaml | Enables SAML authentication. |
CreateSamlRole | Creates a role for SAML authentication. |
CreateSnapshot | Creates manual snapshots for an Elasticsearch cluster. |
CreateVpcEndpoint | Creates an endpoint in the virtual private cloud (VPC) within the Elasticsearch service account. |
DeactivateZones | Disables one or more zones where a multi-zone Elasticsearch cluster resides and migrates the nodes in the disabled zones to other zones. |
DeleteCollector | Deletes a Beats shipper. |
DeleteComponentIndex | Deletes a composable index template. |
DeleteConnectedCluster | Disconnects an Elasticsearch cluster from another Elasticsearch cluster. |
DeleteDataStream | Deletes a data stream for a specified index in an Elasticsearch cluster. |
DeleteDataTask | Deletes a data migration task of an Elasticsearch cluster. |
DeleteDeprecatedTemplate | Deletes a historical index template for an Elasticsearch cluster. |
DeleteILMPolicy | Deletes an index lifecycle policy. |
DeleteIndexTemplate | Deletes an index template. |
DeleteInstance | Releases a pay-as-you-go Elasticsearch cluster. |
DeleteLogstash | Releases a pay-as-you-go Logstash cluster. |
DeletePipelines | Deletes a specified pipeline in a Logstash cluster. |
DeleteProject | Deletes a project. |
DeleteSnapshotRepo | Deletes a shared OSS repository for an Elasticsearch cluster. |
DeleteVpcEndpoint | Deletes an endpoint in the VPC within the Elasticsearch service account. |
DescribeAckOperator | Queries the information about ES-operator that is installed for a specified Container Service for Kubernetes (ACK) cluster. |
DescribeApm | Queries the details of a specified APM Server instance. |
DescribeCollector | Queries the details of a Beats shipper. |
DescribeComponentIndex | Queries the details of a composable index template. |
DescribeConnectableClusters | Queries the Elasticsearch clusters that can be connected to the current Elasticsearch cluster. |
DescribeDeprecatedTemplate | Queries the details of a historical index template. |
DescribeDiagnoseReport | Queries the details of a historical intelligent O&M report. |
DescribeDiagnosisSettings | Queries the scenario settings of intelligent O&M. |
DescribeDynamicSettings | Queries the dynamic configurations of an Elasticsearch cluster. |
DescribeElasticsearchHealth | Queries the health status of an Elasticsearch cluster. |
DescribeILMPolicy | Queries the details of an index lifecycle policy. |
DescribeIndexTemplate | Queries the details of an index template. |
DescribeInstance | Queries the details of an Elasticsearch cluster, such as cluster configurations and network configurations. |
DescribeKibanaSettings | Queries the configurations of the Kibana node in an Elasticsearch cluster. |
DescribeLogstash | Queries the details of a specified Logstash cluster. |
DescribeMigrationMergeConfig | Queries the merge configurations of migration tasks. |
DescribePipeline | Queries the details of a pipeline in a Logstash cluster. |
DescribePipelineManagementConfig | Queries the management configurations of pipelines in a Logstash cluster. |
DescribeRegions | Queries the regions where Elasticsearch is available. |
DescribeSnapshotSetting | Queries the data backup configurations of an Elasticsearch cluster. |
DescribeTemplates | Queries scenario-based templates for an Elasticsearch cluster. |
DescribeVpcs | Queries existing VPCs. |
DescribeVSwitches | Queries existing vSwitches. |
DescribeXpackMonitorConfig | Queries the configurations of the X-Pack Monitoring feature of a Logstash cluster. |
DiagnoseInstance | Diagnoses an Elasticsearch cluster. |
DisableKibanaPvlNetwork | Disables the Private Network Access feature for Kibana. |
EnableKibanaPvlNetwork | Enables the Private Network Access feature for Kibana. |
EstimatedLogstashRestartTime | Queries the estimated time that is required to restart a Logstash cluster. |
EstimatedRestartTime | Queries the estimated time that is required to restart an Elasticsearch cluster. |
FeedbackReport | Generates an intelligent O&M report for an Elasticsearch cluster. |
GetCloudMigrationProgress | Queries the progress of cloud data migration in a self-managed Elasticsearch cluster. |
GetClusterDataInformation | Queries the metadata information about an Elasticsearch cluster. |
GetElastictask | Queries auto scaling rules configured for an Elasticsearch cluster. |
GetEmonGrafanaAlerts | Queries Grafana alerts. |
GetEmonGrafanaDashboards | Queries Grafana dashboards. |
GetEmonMonitorData | Queries Grafana metrics of an Elasticsearch cluster. |
GetKibanaLoginToken | Queries the token used for the Kibana logon. |
GetMigrationJob | Queries the details of a migration task. |
GetOpenStoreUsage | Queries the storage capacity and usage of an OpenStore instance. |
GetRegionalInstanceConfig | Queries the regional configurations of an Elasticsearch cluster. |
GetRegionConfiguration | Queries the configurations for the current region. |
GetSaml | Queries SAML information. |
GetSuggestShrinkableNodes | Queries nodes that can be removed from an Elasticsearch cluster. |
GetTransferableNodes | Queries nodes from which data can be migrated in an Elasticsearch cluster. |
GrayPublish | Completes the phased change. |
InitializeOperationRole | Creates a service-linked role. |
InitModel | Initializes an AI model. |
InstallAckOperator | Installs Elasticsearch-operator for an ACK cluster when you install a Beats shipper on the ACK cluster. |
InstallKibanaSystemPlugin | Installs a built-in plug-in for Kibana. |
InstallLogstashSystemPlugin | Installs a built-in plug-in for a Logstash cluster. |
InstallSystemPlugin | Installs a built-in plug-in for an Elasticsearch cluster. |
InstallUserPlugins | Installs a custom plug-in for an Elasticsearch cluster. |
InterruptElasticsearchTask | Suspends a change task of an Elasticsearch cluster. |
InterruptLogstashTask | Suspends a change task of a Logstash cluster. |
ListAckClusters | Queries all available ACK clusters when you install a Beats shipper on an ACK cluster. |
ListAckNamespaces | Queries namespaces in an ACK cluster when you install a Beats shipper on the ACK cluster. |
ListActionRecords | Queries change records. |
ListAllNode | Queries the information about all nodes in an Elasticsearch cluster. |
ListAlternativeSnapshotRepos | Queries the shared OSS repositories that can be configured for an Elasticsearch cluster. |
ListApm | Queries APM Server instances. |
ListAvailableEsInstanceIds | Queries the Elasticsearch clusters that can be associated with a Logstash cluster when you configure the X-Pack Monitoring feature for the Logstash cluster. |
ListClientNodeAvailabeSpecs | Queries the specifications available for client nodes of Elasticsearch clusters in the current region. |
ListCollectors | Queries Beats shippers. |
ListComponentIndices | Queries composable index templates. |
ListConnectedClusters | Queries the Elasticsearch clusters that are connected to the current Elasticsearch cluster. |
ListDataStreams | Queries the data streams of an Elasticsearch cluster. |
ListDataTasks | Queries data migration tasks of an Elasticsearch cluster. |
ListDefaultCollectorConfigurations | Queries the initial default settings of a Beats shipper. |
ListDeprecatedTemplates | Queries historical index templates. |
ListDiagnoseIndices | Queries the indexes for a health diagnostics test performed on a specified Elasticsearch cluster. |
ListDiagnoseReport | Queries the historical intelligent O&M reports of an Elasticsearch cluster. |
ListDiagnoseReportIds | Queries the IDs of the historical intelligent O&M reports of an Elasticsearch cluster. |
ListDiagnosisItems | Queries the diagnostics items of intelligent O&M. |
ListDiagnosisScenes | Queries the diagnostics scenarios of intelligent O&M. |
ListDictInformation | Queries and verifies the details of the dictionary object stored in OSS when you upload the object to an Elasticsearch cluster. |
ListDicts | Queries the details of a specified type of dictionary and the link that is generated based on the related signature to download the dictionary. |
ListEcsInstances | Queries all available Elastic Compute Service (ECS) instances when you install a Beats shipper on an ECS instance. |
ListExtendfiles | Updates the third-party libraries of a Logstash cluster. |
ListILMPolicies | Queries existing index lifecycle policies. |
ListIndexTemplates | Queries existing index templates. |
ListInstance | Queries the details of all Elasticsearch clusters or a specified Elasticsearch cluster. |
ListInstanceHistoryEvents | Queries events for hardware O&M triggered by an Elasticsearch cluster. |
ListInstanceIndices | Queries indexes in an Elasticsearch cluster. |
ListKibanaNodeAvailabeSpecs | Queries the specifications available for Kibana nodes of Elasticsearch clusters in the current region. |
ListKibanaPlugins | Queries Kibana plug-ins. |
ListKibanaPvlNetwork | Queries the status of the Private Network Access feature for Kibana. |
ListLogstash | Queries the details of all or specific Logstash clusters. |
ListLogstashLog | Queries the logs of a Logstash cluster. |
ListLogstashPlugins | Queries the details of all or specific Logstash plug-ins. |
ListMasterAvailabeSpecs | Queries the specifications available for dedicated master nodes of Elasticsearch clusters in the current region. |
ListMigrationJobs | Queries migration tasks. |
ListNodeAvailabeSpecs | Queries the specifications available for data nodes of Elasticsearch clusters in the current region. |
ListNodes | Queries the status of ECS instances on which a Beats shipper is installed. |
ListPipeline | Queries the pipelines of a Logstash cluster. |
ListPipelineIds | Queries the IDs of pipelines in a Logstash cluster. |
ListPlugins | Queries the plug-ins of an Elasticsearch cluster. |
ListSearchLog | Queries the logs of an Elasticsearch cluster. |
ListSearchModel | Queries all search models. |
ListShardRecoveries | Queries the information about shards that are being restored or shards that are restored in an Elasticsearch cluster. |
ListSnapshotReposByInstanceId | Queries the shared OSS repositories configured for an Elasticsearch cluster. |
ListTagResources | Queries the tags that are added to one or more resources. |
ListTags | Queries all visible user tags. |
ListUserPlugin | Queries custom plug-ins. |
ListVpcEndpoints | Queries the status of endpoints in the VPC within the Elasticsearch service account. |
ListWarmNodeAvailabeSpecs | Queries the specifications available for warm nodes of Elasticsearch clusters in the current region. |
MigrateToOtherZone | Migrates nodes in an Elasticsearch cluster from one zone to another zone. |
Modify | Modifies the specifications on the buy page. |
ModifyDeployMachine | Updates the ECS instances on which a Beats shipper is installed. |
ModifyElastictask | Updates auto scaling rules configured for an Elasticsearch cluster. |
ModifyEmonContact | Updates the contact of advanced monitoring. |
ModifyEmonContactGroup | Updates the contact group of advanced monitoring. |
ModifyInstanceMaintainTime | Enables and modifies the maintenance window of an Elasticsearch cluster. |
ModifyOssAuthorize | Enables automatic authorization for custom OSS repositories. |
ModifyWhiteIps | Updates the IP address whitelist of an Elasticsearch cluster. |
MoveResourceGroup | Changes the resource group to which an Elasticsearch cluster belongs. |
NoReasonRefund | Requests a refund based on money-back guarantee in the order center. |
OpenDiagnosis | Enables intelligent O&M for an Elasticsearch cluster. |
OpenHttps | Enables HTTPS for an Elasticsearch cluster. |
PluginAnalysis | Uploads a custom plug-in for parsing. |
PostEmonTryAlarmRule | Sends alert notifications for testing. |
RebootInstanceNode | Restarts a node in an Elasticsearch cluster. The node is an ECS instance. |
RecommendTemplates | Queries configurations recommended for an Elasticsearch cluster. |
ReinstallCollector | Installs a Beats shipper that fails to be installed when you create the shipper. |
Release | Releases an Elasticsearch cluster. |
RemainRefund | Requests a refund on the Unsubscribe page of the Expenses and Costs console. |
RemoveApm | Deletes an APM Server instance. |
RemovePlugin | Removes a plug-in from the plug-in library, which is different from uninstalling a plug-in. |
Renew | Renews an instance or a resource plan. |
RenewInstance | Renews a subscription Elasticsearch cluster. |
RenewLogstash | Renews a Logstash cluster. |
RestartCollector | Restarts a Beats shipper. |
RestartInstance | Restarts an Elasticsearch cluster. |
RestartLogstash | Restarts a Logstash cluster. |
ResumeElasticsearchTask | Resumes a change task of an Elasticsearch cluster. |
ResumeLogstashTask | Resumes a change task of a Logstash cluster. |
RollbackInstance | Rolls back a cluster. |
RolloverDataStream | Rolls over indexes for a data stream. |
RunPipelines | Runs pipelines in a Logstash cluster. |
ShrinkNode | Scales in an Elasticsearch cluster. |
StartApm | Starts an APM Server instance. |
StartCollector | Starts a Beats shipper. |
StopApm | Stops an APM Server instance. |
StopCollector | Stops a Beats shipper that is running. |
StopPipelines | Stops Logstash pipelines that are running. |
TagResources | Adds tags to resources. |
TransferNode | Runs a data migration task for an Elasticsearch cluster. |
TriggerNetwork | Enables or disables the Public Network Access or Private Network Access feature for Elasticsearch or Kibana. |
UninstallKibanaPlugin | Removes a Kibana plug-in. |
UninstallLogstashPlugin | Removes a Logstash plug-in. |
UninstallPlugin | Removes an Elasticsearch plug-in. |
UntagResources | Removes tags from resources. |
UpdateAdminPassword | Updates the password of the elastic account of an Elasticsearch cluster. |
UpdateAdvancedSetting | Updates the garbage collector (GC) configurations of an Elasticsearch cluster. |
UpdateAliwsDict | Updates the dictionary file of the analysis-aliws plug-in. |
UpdateApm | Updates the configurations of an APM Server instance. |
UpdateBlackIps | Updates the IP address blacklist. |
UpdateCollector | Updates the configurations of a Beats shipper. |
UpdateCollectorName | Updates the name of a Beats shipper. |
UpdateComponentIndex | Updates the configurations of a composable index template. |
UpdateDescription | Updates the name of an Elasticsearch cluster. |
UpdateDiagnosisSettings | Updates configurations for intelligent O&M for an Elasticsearch cluster. |
UpdateDict | Performs a standard update for dictionaries, including the built-in IK main dictionary and stopword list of the analysis-ik plug-in. |
UpdateDynamicSettings | Updates the dynamic configurations of an Elasticsearch cluster. |
UpdateExtendConfig | Updates the configurations of a scenario-based template for an Elasticsearch cluster. |
UpdateExtendfiles | Updates the third-party libraries of a Logstash cluster. |
UpdateHotIkDicts | Performs a rolling update for dictionaries, including the built-in IK main dictionary and stopword list of the analysis-ik plug-in. |
UpdateILMPolicy | Updates the configurations of an index lifecycle policy of an Elasticsearch cluster. |
UpdateIndexTemplate | Updates the configurations of an index template for an Elasticsearch cluster. |
UpdateInstance | Updates the configurations of an Elasticsearch cluster. |
UpdateInstanceChargeType | Switches the billing method of an Elasticsearch cluster from pay-as-you-go to subscription. |
UpdateInstanceSettings | Updates the configurations in the YML file of an Elasticsearch cluster. |
UpdateKibanaPvlNetwork | Updates the status of the Private Network Access feature for Kibana. |
UpdateKibanaSettings | Updates the configurations of Kibana. |
UpdateKibanaWhiteIps | Updates the IP address whitelist that controls access to the Kibana console of an Elasticsearch cluster. |
UpdateLogstash | Updates some information about a Logstash cluster, such as the number of nodes, specifications of each node, name, and hard disk size. |
UpdateLogstashChargeType | Changes the billing method of a Logstash cluster to subscription. |
UpdateLogstashDescription | Updates the name of a Logstash cluster. |
UpdateLogstashSettings | Updates the configurations of a Logstash cluster. |
UpdateMigrationJob | Updates a migration task. |
UpdatePipelineManagementConfig | Updates the management configurations of pipelines in a Logstash cluster. |
UpdatePipelines | Updates the information about pipelines in a Logstash cluster. |
UpdatePrivateNetworkWhiteIps | Updates the private IP address whitelist of an Elasticsearch cluster. |
UpdatePublicNetwork | Enables or disables the Public Network Access feature for an Elasticsearch cluster. |
UpdatePublicWhiteIps | Updates the public IP address whitelist of an Elasticsearch cluster. |
UpdateReadWritePolicy | Enables or disables the high availability feature for write operations on an Elasticsearch cluster. You can enable or disable the high availability feature for write operations only for Elasticsearch clusters that reside in the China (Beijing) region. |
UpdateSaml | Updates SAML information. |
UpdateSnapshotSetting | Updates the data backup settings of an Elasticsearch cluster. |
UpdateSynonymsDicts | Updates the synonym dictionary of an Elasticsearch cluster. |
UpdateTemplate | Updates a scenario-based template for an Elasticsearch cluster. |
UpdateWhiteIps | Updates the private IP address whitelist of an Elasticsearch cluster. |
UpdateXpackMonitorConfig | Updates the configurations of the X-Pack Monitoring feature of a Logstash cluster. |
UpgradeEngineVersion | Updates the version or kernel version of an Elasticsearch cluster. |
UpgradeInfo | Checks whether a minor version is available for upgrade. |
ValidateConnection | Tests the connectivity between a Logstash cluster and its associated Elasticsearch cluster when you configure the X-Pack Monitoring feature for the Logstash cluster. |
ValidateShrinkNodes | Checks whether specific nodes in an Elasticsearch cluster can be removed. |
ValidateSlrPermission | Checks whether a service-linked role is created. |
ValidateTransferableNodes | Checks whether data stored on specific nodes in an Elasticsearch cluster can be migrated. |