Download audit logs - - Alibaba Cloud Documentation Center

This topic describes how to download the audit logs of an instance to your computer. You can archive, filter, and analyze the downloaded audit logs.

Prerequisites

The audit log feature is enabled. For more information, see Enable the audit log feature.
The RAM user that you use to access audit logs has the permissions to access Simple Log Service.
- You can attach the AliyunLogReadOnlyAccess or AliyunLogFullAccess system policy to a RAM user. After the policy is attached, the RAM user can view all Logstores. For more information, see Grant permissions to a RAM user.
- You can also customize a policy to allow a RAM user to view only the audit logs of Tair.
  Custom policy example
  { "Version": "1", "Statement": [ { "Action": [ "log:Get*", "log:List*" ], "Resource": "acs:log:*:*:project/nosql-*", "Effect": "Allow" } ] }

Log on to the Tair console and go to the Instances page. In the top navigation bar, select the region in which the instance that you want to manage resides. Then, find the instance and click the instance ID.
In the left-side navigation pane, choose Logs > Audit Logs.
On the page that appears, click the icon in the upper-right corner.
Note You can filter logs by using the following methods. Then, you can download the content that meets your requirements.
- Filter log data by keyword, type, account, or client IP address. For more information, see Filter the audit logs of an instance.
- Click Select Time Range to filter logs by time range.
Click Download Chart or Download Chart Data.
Logs generated within the selected time range are downloaded to your computer by using the browser. These logs are CSV files. You can view them by using Excel.