All Products
Search
Document Center

Smart Access Gateway:CreateFlowLog

Last Updated:Mar 29, 2024

Creates a flow log.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

  • Operation: the value that you can use in the Action element to specify the operation on a resource.
  • Access level: the access level of each operation. The levels are read, write, and list.
  • Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
    • The required resource types are displayed in bold characters.
    • If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
  • Condition Key: the condition key that is defined by the cloud service.
  • Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.
OperationAccess levelResource typeCondition keyAssociated operation
smartag:CreateFlowLogWrite
  • FlowLog
    acs:smartag:{#regionId}:{#accountId}:flowlog/*
    none
none

Request parameters

ParameterTypeRequiredDescriptionExample
RegionIdstringYes

The ID of the region to which the flow log belongs.

You can call the DescribeRegions operation to query the most recent region list.

cn-shanghai
DescriptionstringNo

The description of the flow log.

test
NamestringNo

The name of the flow log.

sag-flowlog-1
ActiveAgingintegerNo

The output interval under active connections. Valid values: 60 to 6000. Unit: seconds. Default value: 300.

300
InactiveAgingintegerNo

The output interval under inactive connections. Valid values: 10 to 600. Unit: seconds. Default value: 15.

15
OutputTypestringYes

The type of the flow log. Valid values:

  • sls: The flow log is stored in Log Service.
  • netflow: The flow log is stored on a NetFlow collector.
  • all: The flow log is stored both in Log Service and on a NetFlow collector.
all
SlsRegionIdstringNo

The ID of the region where Log Service is deployed.

If OutputType is set to sls or all, this parameter is required.

cn-shanghai
ProjectNamestringNo

The project in Log Service.

If OutputType is set to sls or all, this parameter is required.

sag-flowlog-shanghai
LogstoreNamestringNo

The Logstore in Log Service.

If OutputType is set to sls or all, this parameter is required.

config-operation-log
NetflowServerIpstringNo

The IP address of the NetFlow collector where the flow log is stored.

If OutputType is set to netflow or all, this parameter is required.

192.168.0.2
NetflowServerPortintegerNo

The port number of the NetFlow collector where the flow log is stored. Default value: 9995.

If OutputType is set to netflow or all, this parameter is required.

9995
NetflowVersionstringNo

The version of the NetFlow collector where the flow log is stored. Valid values: V5, V9, and V10. Default value: V9.

If OutputType is set to netflow or all, this parameter is required.

V9

Response parameters

ParameterTypeDescriptionExample
object
RequestIdstring

The ID of the request.

650CB9E8-20F3-4538-A4FC-1DA1B36E42D9
FlowLogIdstring

The ID of the flow log.

fl-7a56mar1kfw9vj****
ResourceGroupIdstring

The ID of the resource group to which the flow log belongs.

rg-acfm2iu4f****

Examples

Sample success responses

JSONformat

{
  "RequestId": "650CB9E8-20F3-4538-A4FC-1DA1B36E42D9",
  "FlowLogId": "fl-7a56mar1kfw9vj****",
  "ResourceGroupId": "rg-acfm2iu4f****"
}

Error codes

HTTP status codeError codeError messageDescription
400DependencyViolation.FlowLogThis FlowLog instance is bound to an SAG instance.This flow log associated with a resource.
400IncorrectStatus.FlowLogThe current FlowLog instance status does not support this operation.The status of the flow log is invalid.
400InvalidFlowLogId.NotFoundThe specified FlowLogId does not exist.The specified FlowLogId does not exist.
400MissingParam.FlowLogIdSpecify the FlowLogId parameter.You must set the FlowLogId parameter.
400OperationFailed.AssociateFlowLogThe operation failed. The specified SAG instance has already been associated with another FlowLog instance.The operation failed. The specified SAG instance has already been associated with another flow log.
400OperationUnsupported.AssociateFlowLogYou cannot bind the SAG device of the current version or model to a FlowLog instance.The version or model of the SAG device does not allow you to associate it with a flow log.
400QuotaExceeded.FlowlogThe maximum number of FlowLog instances is exceeded.The number of flow logs has reached the upper limit.
400MissingParam.LogstoreNameSpecify the LogstoreName parameter.You must set the LogstoreName parameter.
400MissingParam.NetflowServerIpSpecify the NetflowServerIp parameter.You must set the NetflowServerIp parameter.
400MissingParam.NetflowServerPortSpecify the NetflowServerPort parameter.You must set the NetflowServerPort parameter.
400MissingParam.NetflowVersionSpecify the NetflowVersion parameter.You must set the NetflowVersion parameter.
400MissingParam.ProjectNameSpecify the ProjectName parameter.You must set the ProjectName parameter.
400MissingParam.SlsRegionIdSpecify the SlsRegionId parameter.You must set the SlsRegionId parameter.
400IllegalParam.ActiveAgingThe specified ActiveAging is invalid.The ActiveAging parameter is set to an invalid value.
400IllegalParam.InactiveAgingThe specified InactiveAging is invalid.The InactiveAging parameter is set to an invalid value.
400IllegalParam.NetflowServerIpThe specified NetflowServerIp is invalid.The NetflowServerIp parameter is set to an invalid value.
400IllegalParam.NetflowServerPortThe specified NetflowServerPort is invalid.The NetflowServerPort parameter is set to an invalid value.
400IllegalParam.NetflowVersionThe specified NetflowVersion is invalid.The NetflowVersion parameter is set to an invalid value.
400IllegalParam.OutputTypeThe specified OutputType is invalid.The OutputType parameter is set to an invalid value.
400IllegalParam.RegionIdThe specified RegionId is invalid.The RegionId parameter is set to an invalid value.
400IllegalParam.SlsRegionIdThe specified SlsRegionId is invalid.The SlsRegionId parameter is set to an invalid value.
400IllegalParam.StatusThe specified Status parameter is invalid.The Status parameter is set to an invalid value.
403FeatureNotSupportThe current edition of the smart access gateway does not support this feature.The current version of Smart Access Gateway does not support this feature.

For a list of error codes, visit the Service error codes.