ActionTrail:Use ActionTrail SDK for Python to create a trail to deliver events to Simple Log Service

Prerequisites

• Simple Log Service is activated. For more information, see Getting Started.

  Important

  You are not charged when you activate Simple Log Service. You are charged when you deliver events to Simple Log Service for storage. For more information, see Billing overview.

• Python is installed. A Python development environment is built, and PyCharm is installed. For more information, see Install Python and Build a Python development environment on Windows.

• The required AccessKey pair of your Alibaba Cloud account is obtained, and environment variables are configured. For more information, see Create an AccessKey pair and Configure environment variables in Linux, macOS, and Windows.

Background information

To create a single-account trail by using ActionTrail SDK, you must create a project in Simple Log Service. By default, a trail is in the Disabled state. You must enable the trail before you query and analyze events in Simple Log Service.

Step 1: Create a project in Simple Log Service

The following section describes how to create a project named cloud-trail-project-test in the China (Hangzhou) region.

1. Create a project in PyCharm. Example: actiontrail.

   A file named main.py is generated to run the code of Simple Log Service SDK for Python.

2. Click Terminal or press Alt + F12 in PyCharm to open Terminal.

3. Run the following command to install the Simple Log Service SDK dependency package:

   pip install alibabacloud_sls20201230

4. Run the following code in the main.py file to create a project named cloud-trail-project-test in the China (Hangzhou) region.

   You can change information in the following code:

   • config.endpoint = f'cn-hangzhou.log.aliyuncs.com': hangzhou is the region to which the project belongs. You can change the region based on your business requirements. For more information about the regions supported by Simple Log Service, see Endpoints.

   • project_name='cloud-trail-project-test': cloud-trail-project-test is the name of the project. You can change the name based on your business requirements. For more information about the requirements for project names, see the projectName request parameter in CreateProject.

   import os
   import sys
   
   from typing import List
   
   from alibabacloud_sls20201230.client import Client as Sls20201230Client
   from alibabacloud_tea_openapi import models as open_api_models
   from alibabacloud_sls20201230 import models as sls_20201230_models
   from alibabacloud_tea_util import models as util_models
   
   
   class Sample:
       def __init__(self):
           pass
   
       @staticmethod
       def create_client() -> Sls20201230Client:       
          
           config = open_api_models.Config(
               access_key_id=os.environ['ALIBABA_CLOUD_ACCESS_KEY_ID'],
               access_key_secret=os.environ['ALIBABA_CLOUD_ACCESS_KEY_SECRET']
           )
           config.endpoint = f'cn-hangzhou.log.aliyuncs.com'
           return Sls20201230Client(config)
   
       @staticmethod
       def main(args: List[str],) -> None:
           client = Sample.create_client()
           create_project_request = sls_20201230_models.CreateProjectRequest(
               project_name='cloud-trail-project-test'
           )
           runtime = util_models.RuntimeOptions()
           headers = {}
           try:
               client.create_project_with_options(create_project_request, headers, runtime)
           except Exception as error:
               print(error.message)
   
   
   if __name__ == '__main__':
       Sample.main(sys.argv[1:])

5. View the cloud-trail-project-test project.

   Log on to the Simple Log Service console. In the Projects section, view the project.

   

Step 2: Create and enable a trail in ActionTrail

The following procedure describes how to create a trail named cloud_trail_test in the China (Hangzhou) region.

1. Click Terminal or press Alt + F12 in PyCharm to open Terminal.

2. Run the following command to install the ActionTrail SDK dependency package:

   pip install alibabacloud_actiontrail20200706

3. Run the following code in the main.py file to create a trail named cloud_trail_test.

   You can change information in the following code:

   • name='cloud_trail_test': cloud_trail_test is the name of the trail. You can change the name based on your business requirements. For more information about the requirements for trail names, see the Name request parameter in CreateTrail.

   • acs:log:cn-hangzhou:141339776561****:project/cloud-trail-project-test in sls_project_arn='acs:log:cn-hangzhou:141339776561****:project/cloud-trail-project-test' is the Alibaba Cloud Resource Name (ARN) of the project to which events are delivered. 141339776561**** is the ID of the current account. cloud-trail-project-test and cn-hangzhou are the name and region of the project that is created in Step 1. You can modify them based on your business requirements.

   import os
   import sys
   
   from typing import List
   
   from alibabacloud_actiontrail20200706.client import Client as Actiontrail20200706Client
   from alibabacloud_tea_openapi import models as open_api_models
   from alibabacloud_actiontrail20200706 import models as actiontrail_20200706_models
   from alibabacloud_tea_util import models as util_models
   
   
   class Sample:
       def __init__(self):
           pass
   
       @staticmethod
       def create_client() -> Actiontrail20200706Client:
           config = open_api_models.Config(
               access_key_id=os.environ['ALIBABA_CLOUD_ACCESS_KEY_ID'],
               access_key_secret=os.environ['ALIBABA_CLOUD_ACCESS_KEY_SECRET']
           )
           config.endpoint = f'actiontrail.cn-hangzhou.aliyuncs.com'
           return Actiontrail20200706Client(config)
   
       @staticmethod
       def main(args: List[str], ) -> None:
           client = Sample.create_client()
           create_trail_request = actiontrail_20200706_models.CreateTrailRequest(
               name='cloud_trail_test',
               sls_project_arn='acs:log:cn-hangzhou:141339776561****:project/cloud-trail-project-test'
           )
           runtime = util_models.RuntimeOptions()
           try:
               client.create_trail_with_options(create_trail_request, runtime)
           except Exception as error:
               print(error.message)
   
   
   if __name__ == '__main__':
       Sample.main(sys.argv[1:])

4. Run the following code in the main.py file to enable the cloud_trail_test trail.

   You can change information in the following code:

   name='cloud_trail_test': cloud_trail_test is the name of the trail that is created in this step. You can change the name based on your business requirements.

   import os
   import sys
   
   from typing import List
   
   from alibabacloud_actiontrail20200706.client import Client as Actiontrail20200706Client
   from alibabacloud_tea_openapi import models as open_api_models
   from alibabacloud_actiontrail20200706 import models as actiontrail_20200706_models
   from alibabacloud_tea_util import models as util_models
   
   
   class Sample:
       def __init__(self):
           pass
   
       @staticmethod
       def create_client() -> Actiontrail20200706Client:
           config = open_api_models.Config(
               access_key_id=os.environ['ALIBABA_CLOUD_ACCESS_KEY_ID'],
               access_key_secret=os.environ['ALIBABA_CLOUD_ACCESS_KEY_SECRET']
           )
           config.endpoint = f'actiontrail.cn-hangzhou.aliyuncs.com'
           return Actiontrail20200706Client(config)
   
       @staticmethod
       def main(args: List[str],) -> None:
           client = Sample.create_client()
           start_logging_request = actiontrail_20200706_models.StartLoggingRequest(
               name='cloud_trail_test'
           )
           runtime = util_models.RuntimeOptions()
           try:
               client.start_logging_with_options(start_logging_request, runtime)
           except Exception as error:
               print(error.message)
   
   if __name__ == '__main__':
       Sample.main(sys.argv[1:])

5. View the cloud_trail_test trail and its status. The Status is Enabled.

   1. Log on to the ActionTrail console.

   2. In the left-side navigation pane, click Trails.

      On the Trails page, view the trail and its status.

      

Step 3: View events in Simple Log Service

In the Simple Log Service console, view the events that are delivered to Simple Log Service, and query and analyze the events.

1. Log on to the Simple Log Service console.

2. In the Projects section, click the cloud-trail-project-test project.

   View the events that are delivered by the cloud_trail_test trail in a Logstore named actiontrail_cloud_trail_test.

   Note

   When you create a trail, ActionTrail creates a Logstore named actiontrail_cloud_trail_test in the project that is created in Step 1.

   

References

• For more information about how to query and analyze events in Simple Log Service, see Query and analyze logs.

• For more information about scenarios for querying and analyzing events in Simple Log Service, see Use Simple Log Service to analyze events.

• For more information about how to create a trail in the ActionTrail console, see Create a single-account trail.