Lindorm:Enable the audit log feature

Prerequisites

The LindormTSDB version of your Lindorm instance is 3.4.25 and later. For more information about how to view or upgrade the version of LindormTSDB, see Release notes of LindormTSDB and Upgrade the minor engine version of a Lindorm instance.

Usage notes

• Single-node Lindorm instances and Lindorm Serverless instances do not support the audit log feature.

• If you use a RAM user to enable the audit log feature, you must grant the AliyunLogFullAccess permission to the RAM user. For more information about how to grant permissions, see Grant permissions to a RAM user.

• After the audit log feature is enabled, Lindorm creates a project and a dedicated Logstore in the region where the Lindorm instance is deployed by default.

  • The project name is in the aliyun-product-Alibaba Cloud account ID-Region ID format.

  • The name of the dedicated Logstore is lindorm-tsdb-audit-log.

• Some operations such as data writing and index modification cannot be performed on dedicated Logstores. However, you can perform operations related to queries, statistics, and alarms on the Logstores.

Billing rules

• After you enable the audit log feature for a Lindorm instance, you are charged fees for the dedicated Logstores created by SLS in a pay-by-feature manner. For more information, see Billable items of pay-by-feature.

• You are not charged additional fees for the audit log feature.

Procedure

1. Log on to the Lindorm console. In the upper-left corner of the page, select the region where the instance is deployed. On the Instances page, click the ID of the instance that you want to manage or click Manage in the Actions column corresponding to the instance.

2. In the left-side navigation pane, click Time Series Engine. On the page that appears, click the Audit Logs tab.

3. Turn on the Current Status switch. In the Audit Logs message, click OK.