阿里雲PrivateZone已與阿里雲 ActionTrail 整合,您可以在 ActionTrail 中查看和檢索使用者行為日誌,同時通過ActronTrail 將日誌投遞到Log Service LogStore 或指定的 OSS Bucket 中,滿足即時審計、問題回溯分析等需要。
ActionTrail中記錄的PrivateZone動作記錄
PrivateZone 的Action Trail日誌主要包含的是 API 事件,其中 OpenAPI 事件在 ActionTrail 中記錄的 eventType 取值為 ApiCall,其含義可以參考PrivateZone的API說明。
PrivateZone 的日誌範例
下面展示了一個 ActionTrail 中記錄的 PrivateZone建立解析記錄的日誌,該條日誌記錄了 PrivateZone AddZoneRecord 操作記錄的詳細資料:
{
"eventId": "99680534-****-****-****-DCFD92E18FAB",
"eventVersion": 1,
"responseElements": {
"RequestId": "99680534-****-****-****-DCFD92E18FAB",
"RecordId": 175***657,
"Success": true
},
"eventSource": "pvtz.aliyuncs.com",
"requestParameters": {
"Rr": "abc",
"userClientIp": "100.**.***.69",
"AcsHost": "pvtz.aliyuncs.com",
"ZoneId": "d696741102e*******0ca13e934bd07",
"RequestId": "99680534-****-****-****-DCFD92E18FAB",
"Lang": "zh",
"HostId": "pvtz.aliyuncs.com",
"Ttl": 60,
"Type": "A",
"ServiceCode": "pvtz",
"AcsProduct": "pvtz",
"UserClientIp": "100.**.***.69",
"Value": "5.*.*.5",
"RegionId": "cn-hangzhou"
},
"sourceIpAddress": "Internal",
"userAgent": "AlibabaCloud (Linux; amd64) Java/1.**_172-b9 Core/***.6 HTTPClient/ApacheHttpClient",
"eventType": "ApiCall",
"referencedResources": {
"ACS::PrivateZone::ZoneRecord": [
"175***657"
]
},
"userIdentity": {
updateZOne "sessionContext": {
"attributes": {
"mfaAuthenticated": "false"
}
},
"accountId": "12046******1685",
"principalId": "12046******1685",
"type": "root-account",
"userName": "root"
},
"serviceName": "PrivateZone",
"additionalEventData": {
"Scheme": "http"
},
"apiVersion": "2018-01-01",
"requestId": "99680534-****-****-****-DCFD92E18FAB",
"eventTime": "2021-01-08T04:56:37Z",
"isGlobal": false,
"acsRegion": "cn-hangzhou",
"eventName": "AddZoneRecord"
}