User Guide

Huawei Technologies Co., Ltd.

User Guide

Cloud Trace Service User Guide Issue 01 Date 2020-09-29 HUAWEI TECHNOLOGIES CO., LTD.

PDF Viewing Options

Not Your Device? Search For Manuals or Datasheets below:


File Info : application/pdf, 59 Pages, 646.63KB

Document DEVICE REPORTcts-eu-west-0-usermanual
Cloud Trace Service
User Guide

Issue Date

01 2020-09-29

HUAWEI TECHNOLOGIES CO., LTD.

Copyright © Huawei Technologies Co., Ltd. 2021. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd.
Trademarks and Permissions
and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd. All other trademarks and trade names mentioned in this document are the property of their respective holders.
Notice The purchased products, services and features are stipulated by the contract made between Huawei and the customer. All or part of the products, services and features described in this document may not be within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information, and recommendations in this document are provided "AS IS" without warranties, guarantees or representations of any kind, either express or implied.
The information in this document is subject to change without notice. Every effort has been made in the preparation of this document to ensure accuracy of the contents, but all statements, information, and recommendations in this document do not constitute a warranty of any kind, express or implied.

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

i

Cloud Trace Service User Guide

Contents

Contents

1 Overview....................................................................................................................................1
1.1 What Is Cloud Trace Service?.............................................................................................................................................. 1 1.2 Basic Concepts.......................................................................................................................................................................... 2 1.3 How CTS Functions................................................................................................................................................................. 4 1.4 Application Scenarios............................................................................................................................................................. 4 1.5 Supported Services.................................................................................................................................................................. 5 1.6 How to Access CTS................................................................................................................................................................. 5
2 Getting Started........................................................................................................................ 6
2.1 Enabling CTS............................................................................................................................................................................. 6 2.2 Querying Real-Time Traces.................................................................................................................................................. 6 2.3 Querying Archived Traces..................................................................................................................................................... 8
3 Managing Trackers................................................................................................................10
3.1 Modifying a Tracker............................................................................................................................................................. 10 3.2 Disabling or Enabling a Tracker....................................................................................................................................... 11 3.3 Deleting a Tracker................................................................................................................................................................. 11
4 Application Examples........................................................................................................... 13
4.1 Security Auditing................................................................................................................................................................... 13 4.2 Fault Locating........................................................................................................................................................................ 14 4.3 Resource Tracking................................................................................................................................................................. 15
5 Trace References.................................................................................................................... 16
5.1 Trace Structure....................................................................................................................................................................... 16 5.2 Example Traces...................................................................................................................................................................... 18
6 Supported Services and Operation Lists.......................................................................... 21
6.1 Computing............................................................................................................................................................................... 21 6.1.1 Key Operations on ECS.................................................................................................................................................... 21 6.1.2 Key Operations on IMS.................................................................................................................................................... 22 6.1.3 Key Operations on BMS.................................................................................................................................................. 23 6.1.4 Key Operations on CCE....................................................................................................................................................23 6.2 Storage..................................................................................................................................................................................... 28 6.2.1 Key Operations on CSBS................................................................................................................................................. 28 6.2.2 Key Operations on EVS.................................................................................................................................................... 28

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

ii

Cloud Trace Service User Guide

Contents

6.2.3 Key Operations on VBS....................................................................................................................................................29 6.2.4 Key Operations on SDRS................................................................................................................................................. 30 6.3 Network................................................................................................................................................................................... 32 6.3.1 Key Operations on VPC................................................................................................................................................... 32 6.3.2 Key Operations on Direct Connect.............................................................................................................................. 33 6.3.3 Key Operations on ELB.................................................................................................................................................... 34 6.3.4 Region-level Key Operations on DNS......................................................................................................................... 35 6.3.5 Global-level Key Operations on DNS......................................................................................................................... 36 6.4 Management & Deployment............................................................................................................................................ 37 6.4.1 Key Operations on CTS.................................................................................................................................................... 37 6.4.2 Key Operations on Cloud Eye........................................................................................................................................ 37 6.4.3 Key Operations on IAM................................................................................................................................................... 38 6.4.4 Key Operations on RTS.................................................................................................................................................... 41 6.4.5 Key Operations on TMS.................................................................................................................................................. 42 6.5 Database.................................................................................................................................................................................. 43 6.5.1 Key Operations on RDS................................................................................................................................................... 43 6.6 Security..................................................................................................................................................................................... 45 6.6.1 Key Operations on Anti-DDoS...................................................................................................................................... 45 6.7 Enterprise Application......................................................................................................................................................... 45 6.7.1 Key Operations on Workspace...................................................................................................................................... 46 6.8 Enterprise Intelligence......................................................................................................................................................... 47 6.8.1 Key Operations on MRS.................................................................................................................................................. 47 6.9 Key Operations on DeC.......................................................................................................................................................48
7 Quota Adjustment.................................................................................................................49
8 FAQs..........................................................................................................................................50
8.1 Can I Create Multiple Trackers?....................................................................................................................................... 50 8.2 Which Type of Information Is Displayed on the Trace List?...................................................................................50 8.3 Can Information Be Deleted from the Trace List?..................................................................................................... 51 8.4 What Users May Require CTS?......................................................................................................................................... 51 8.5 How Long Can Trace Files Be Retained?.......................................................................................................................51 8.6 What Will Happen If I Have Enabled CTS But Have Not Configured a Correct Policy for the OBS Bucket?............................................................................................................................................................................................ 51 8.7 Does CTS Support Integrity Verification of Trace Files?.......................................................................................... 51 8.8 Will Performance of Other Cloud Service Resources Be Affected If I Enable CTS?....................................... 52 8.9 Why Are Fields of Some Traces Displayed Null on the View Trace Page?........................................................ 52 8.10 Why Are the of Some Traces in the Trace List Hyperlinks?..................................................................................52 8.11 Why Do Some Operation Records Occur Twice in the Trace List?.................................................................... 52 8.12 Why Are user_name and op_service Displayed When I Filter Traces by User?...........................................53 8.13 Which Type of OBS Buckets Is Suitable for CTS to Store Traces?...................................................................... 53 8.14 Why Are user and source_ip Empty for Some Traces with trace_type as systemAction?..................... 53 8.15 What Are the Meanings of the Three Trace Statuses?.......................................................................................... 53

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

iii

Cloud Trace Service User Guide

Contents

A Change History...................................................................................................................... 54

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

iv

Cloud Trace Service User Guide

1 Overview

1 Overview
What Is Cloud Trace Service? Basic Concepts How CTS Functions Application Scenarios Supported Services How to Access CTS
1.1 What Is Cloud Trace Service?
The log audit module is a core component necessary for information security audit and an important information system providing security risk management and control for enterprises and public institutions. As the information system is migrating to the cloud, information and data security management departments around the world have released multiple standards, such as ISO IEC27000, GB/T 20945-2013, COSO, COBIT, ITIL, and NISTSP800. Cloud Trace Service (CTS) is a log audit service that is available for cloud security. It allows you to collect, store, and query resource operation records. You can use these records to perform security analysis, track resource changes, audit compliance, and locate faults.

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

1

Cloud Trace Service User Guide
Figure 1-1 CTS service diagram

1 Overview

CTS provides the following functions:
 Trace recording: CTS records operations performed on the management console or by calling APIs, as well as operations triggered by each interconnected service.
 Trace query: Operation records of the last seven days can be queried on the management console from multiple dimensions, such as the trace source, trace name, operation type, resource name, resource ID, and time.
 Trace dumping: Traces are delivered to Object Storage Service (OBS) buckets on a regular basis for long-term storage. In this process, traces are compressed into trace files by service.

1.2 Basic Concepts

Trackers

Before using CTS, you need to enable the CTS service. A tracker is automatically created when you enable CTS. This tracker automatically identifies and associates with all cloud services enabled by the current tenant, and records all operations by the tenant.
Currently, only one tracker can be created for each user.

Traces

Traces are operation logs of cloud service resources and are captured and stored by CTS. You can view the traces to get to know details of operations performed on specific resources.
There are two types of traces:
 Real-time traces Operation records generated during the last seven days

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

2

Cloud Trace Service User Guide

1 Overview

 Archived traces Historical operation records that have been stored in an OBS bucket

Trace Lists

The trace list displays details about the operations that you have performed, such as creating, modifying, or deleting cloud service resources. It contains all of the traces that were generated during the last seven days.

Trace Files

A trace file is a collection of traces. CTS automatically generates multiple trace files by service and dump interval and then synchronizes these files to the OBS bucket that you have specified.
Generally, all traces of a service generated during a dump interval are compressed into one trace file. However, if there are a large number of traces, the system will adjust the number of traces contained in each trace file as needed.
Traces files are in JSON format. Figure 1-2 shows an example of a trace file.

Figure 1-2 Trace file example

For details about how to obtain trace files, see Querying Archived Traces. For details about key fields in the structure of a trace, see Trace Structure.

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

3

Cloud Trace Service User Guide

1 Overview

1.3 How CTS Functions
CTS interconnects directly with other cloud services and records operations performed on cloud resources and operation results in real time. It delivers records in the form of trace files to OBS buckets.
Before enabling CTS, you need to enable OBS. After CTS is enabled, the associated tracker can track the trace files generated and store them in OBS buckets.
You can perform two types of operations on a trace file:
 Trace file creation and storage ­ When you perform adding, deleting, or modifying operations on services interconnected with CTS, such as Elastic Cloud Server (ECS), Elastic Volume Service (EVS), and Image Management Service (IMS), the target services will record the operations and their results automatically and deliver them in the form of traces to CTS for archiving. ­ CTS stores and displays the last seven days of operation records on its console and periodically synchronizes the records to the OBS bucket that you have specified for long-term storage.
 Trace file query ­ You can query operation records of the last seven days on the Trace List page by filter or time. ­ To query operation records earlier than seven days, you can download the trace files stored in OBS buckets. ­ You can enable, disable or delete a tracker on the Tracker page. For example, if you create an image using the IMS service, the service will report the creation operation to CTS. Then, CTS will deliver the trace to an OBS bucket for storage. You can view trace files in the trace list. Figure 1-3 shows the working principle of CTS.
Figure 1-3 How CTS functions

1.4 Application Scenarios
CTS is mainly used in the following scenarios:

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

4

Cloud Trace Service User Guide

1 Overview

 Compliance audit
CTS allows you to query all operation records of security control. This is essential for enterprises and organizations, especially financial and payment enterprises, to obtain the certification, such as PCI DSS, GB/T 24589.1, and COSO.
 Resource tracking
With CTS, you can search for traces by resource and track operations and changes of any cloud resource throughout its lifecycle, as well as the source and result of each operation or change, to better use resources.
 Fault locating
When a cloud resource becomes faulty, you can use traces generated by CTS to quickly find out the suspicious operation causing the fault and its result, greatly reducing the time and labor costs on fault locating and rectifying.
 Security analysis
Enterprises and public institutions can specify the scope of risky operations or key operations based on their requirements, and periodically view the operator, time and IP address of each operation request to which attention must be paid for security analysis.

1.5 Supported Services
Once you enable CTS, the system automatically identifies cloud services enabled on the current cloud platform, captures key operations on the services, and reports traces of these operations to CTS.
Traces of global-level cloud services are only recorded at the central region of the current site. Multi-project scenarios are not supported.
The key operations of global-level services supported by CTS are as follows:  Global-level Key Operations on DNS  Key Operations on IAM  Key Operations on TMS
Traces of region-level cloud services are recorded in the target region or project to which the operated resources belong.
For key operations of region-level services supported by CTS, see Supported Services and Operation Lists.

1.6 How to Access CTS
You can access CTS using a web-based service management console. If you have registered on the public cloud platform, log in to the management console, and choose Management & Deployment > Cloud Trace Service.

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

5

Cloud Trace Service User Guide

2 Getting Started

2 Getting Started

Enabling CTS Querying Real-Time Traces Querying Archived Traces

2.1 Enabling CTS

Scenarios

You need to enable CTS before using it. A tracker will be automatically created after CTS is enabled. All traces recorded by CTS are associated with the tracker.
Trace files need to be stored in OBS buckets. Therefore, before enabling CTS, you need to enable OBS and have full permissions on the OBS bucket to be used. By default, only the service owner who has enabled OBS can access OBS buckets and all objects contained, and the owner can grant permissions to other services and users by configuring an access policy.
This section describes how to enable CTS.

Prerequisites
You have enabled OBS.

2.2 Querying Real-Time Traces

Scenarios

After CTS is enabled, the tracker starts recording operations on cloud resources. The CTS management console stores the last seven days of operation records.
This section describes how to query or export the last seven days of operation records on the management console.

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

6

Cloud Trace Service User Guide

2 Getting Started

Procedure

1. Log in to the management console.
2. Click in the upper left corner to select the desired region and project. 3. Click Service List and choose Management & Deployment > Cloud Trace
Service. 4. In the left navigation pane, choose Trace List. 5. Click Filter and specify filters as needed. You can query traces by combining
the following filters: ­ Trace Type, Trace Source, Resource Type, and Search By.
Select a filter from the drop-down list. When you select Resource ID for Search By, you also need to select or enter a resource ID. ­ Operator: Select a specific operator. ­ Trace Status: Select one of All trace statuses, normal, warning, and incident. ­ Time Range: In the upper right corner of the page, you can query traces in the last 1 hour, last 1 day, last 1 week, or within a customized period.

6. Click

on the left of the required trace to expand its details.

7. Click View Trace in the Operation column. On the displayed View Trace dialog box, the trace structure details are displayed.

Figure 2-1 Viewing traces

For details about key fields in the trace structure, see sections Trace Structure and Example Traces.

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

7

Cloud Trace Service User Guide

2 Getting Started

2.3 Querying Archived Traces

Scenarios Procedure

CTS periodically compresses the recorded traces into trace files and delivers them to OBS buckets. Trace files are collections of traces that CTS automatically generates by service and dump interval. CTS adjusts the number of traces contained in a trace file as the service load changes.
This section describes how to obtain historical operation records from trace files downloaded from the OBS bucket.
1. Log in to the management console.
2. Click in the upper left corner to select the desired region and project. 3. Click Service List and choose Management & Deployment > Cloud Trace
Service. 4. Click Tracker in the left pane. 5. Click the specified bucket in the OBS Bucket column. 6. Select the target trace. Choose OBS bucket name > CloudTraces > Region >
Year > Month > Day > Tracker name > Service type directory. Click Download in the Operation column to download the trace file to the default path. To download the trace file to a customized path, click More > Download As. ­ The trace file storage path is as follows:
OBS bucket name > CloudTraces > Region > Year > Month > Day > Tracker name > Service type directory An example is User Define>CloudTraces>region>2016>5>19>system>ECS. ­ The trace file naming format is as follows: Operation trace file prefix_CloudTrace_Region_/Region-projectTime when the log was uploaded to OBS: year-month-dayThour-minutesecondZ_Character randomly generated.json.gz An example is File Prefix_CloudTrace_region_2016-05-30T16-20-56Z_21d36ced8c8af71e.js on.gz.
NOTE
The OBS bucket name and trace file prefix are user-defined, and other parameters are automatically generated.
For details about key fields in the trace structure, see Trace Structure and Example Traces.

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

8

Cloud Trace Service User Guide
Figure 2-2 Viewing trace file content

2 Getting Started

7. Extract a JSON file with the same name as the downloaded trace file and open the JSON file using a text file editor to view trace logs.

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

9

Cloud Trace Service User Guide

3 Managing Trackers

3 Managing Trackers

Modifying a Tracker Disabling or Enabling a Tracker Deleting a Tracker

3.1 Modifying a Tracker

Scenarios

This section describes how to modify the OBS bucket or file prefix of a created tracker on the CTS console. When you modify the bucket in the tracker, CTS automatically adds a policy to a new OBS bucket so that trace files can be delivered to the new bucket for storage. Modifying the file prefix of the tracker has no impact on the OBS bucket policy. After the modification is complete, the system will immediately start recording operations under the new rule.
This section describes how to modify the tracker configuration.

Prerequisites
You have created a tracker in CTS.

Procedure

1. Log in to the management console.
2. Click in the upper left corner to select the desired region and project. 3. Click Service List and choose Management & Deployment > Cloud Trace
Service. 4. Click Tracker in the left pane. 5. Click Modify in the Operation column.
You can specify an existing OBS bucket for storing trace files, or rename File Prefix. 6. Click OK.

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

10

Cloud Trace Service User Guide

3 Managing Trackers

After the tracker configuration is modified, you can view its new configuration on the Tracker page.
NOTE
Traces recorded by CTS are periodically delivered to the OBS bucket for storage. If you change the OBS bucket for a tracker, traces generated during the current period (generally several minutes) will be delivered to the new OBS bucket. For example, if the current period is from 12:00 to 12:05 and you change the OBS bucket for the tracker at 12:02, traces received from 12:00 to 12:02 will be delivered to the new OBS bucket at 12:05 for storage.

3.2 Disabling or Enabling a Tracker

Scenarios

This section describes how to disable an existing tracker on the CTS console. After the tracker is disabled, the system will stop recording operations, but you can still view operation records that have been recorded.
This section describes how to disable a tracker.

Prerequisites
You have created a tracker in CTS.

Procedure

1. Log in to the management console.
2. Click in the upper left corner to select the desired region and project. 3. Click Service List and choose Management & Deployment > Cloud Trace
Service. 4. Click Tracker in the left pane. 5. In the tracker list, click Disable in the Operation column. 6. Click Yes.
After the tracker is disabled, its status changes from Disable to Enable. To enable the tracker again, click Enable and then click Yes. The system will start recording operations again.

3.3 Deleting a Tracker

Scenarios

This section describes how to delete an existing tracker on the CTS console. Deleting a tracker has no impact on the traces that have been received. When you enable CTS again, you still can view those traces.
This section describes how to delete the tracker.

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

11

Cloud Trace Service User Guide

3 Managing Trackers

Prerequisites
You have created a tracker in CTS.

Procedure

1. Log in to the management console.
2. Click in the upper left corner to select the desired region and project. 3. Click Service List and choose Management & Deployment > Cloud Trace
Service. 4. Click Tracker in the left pane. 5. In the tracker list, click Delete in the Operation column. 6. Click Yes.

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

12

Cloud Trace Service User Guide

4 Application Examples

4 Application Examples

Security Auditing Fault Locating Resource Tracking

4.1 Security Auditing

Scenarios

This section describes how to query records matching a specified characteristic and to perform security analysis on records of operations to check whether the operations are performed by authorized users.

Prerequisites
You have enabled CTS and the tracker is normal. For details about how to enable CTS, see Enabling CTS.

Procedure

The following steps take the creation and deletion of EVS disks in the last two weeks as an example:
1. Log in to the management console using the administrator account.
2. Click in the upper left corner to select the desired region and project. 3. Click Service List and choose Management & Deployment > Cloud Trace
Service. 4. Choose Trace List in the navigation pane on the left. 5. On the trace list page, click Filter. In the displayed box, specify Trace Source,
Resource Type, and Search By, and click Query to query the specified traces. For example, you can select EVS for Trace Source, evs for Resource Type, and Trace name for Search By, select createVolume or deleteVolume in the right text box, and click Query to query all creation or deletion operations performed on EVS in the last seven days.

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

13

Cloud Trace Service User Guide

4 Application Examples

6. Choose Tracker from the left pane to switch to the Tracker page and obtain the OBS bucket name.
7. Download traces generated in the last seven days or all traces. For details, see Querying Archived Traces.
8. In the trace files, search traces using keywords createVolume or deleteVolume.
9. Obtain information about the user who performs the operation from the results in 5 and 8. Check whether the user performs any unauthorized operation or any operation that does not conform to the security operation rules.

4.2 Fault Locating

Scenarios

If a resource or an action encounters an exception, you can query records of the resource or action in a specified time period and view its request and response to facilitate fault locating.

Prerequisites
You have enabled CTS and the tracker is normal. For details about how to enable CTS, see Enabling CTS.

Procedure

The following steps use an ECS as an example to describe how to locate an ECS fault.
1. Log in to the management console using the administrator account.
2. Click in the upper left corner to select the desired region and project. 3. Click Service List and choose Management & Deployment > Cloud Trace
Service. 4. Choose Trace List in the navigation pane on the left. 5. On the trace list page, click Filter. In the displayed box, specify Trace Source,
Resource Type, and Search By, and click Query.
NOTE
For example, you can select ECS for Trace Source, ecs for Resource Type, and Resource IDfor Search By, enter ID of the faulty VM in the right text box, and set the time range to 06:00 to 12:00 at a certain date.
6. Check the query result. Pay attention to the request type and response of each trace, and traces whose status is warning or incident and traces whose response shows a failure.
The following steps take the locating of an ECS creation fault as an example.
1. Log in to the management console using the administrator account.
2. Click in the upper left corner to select the desired region and project.

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

14

Cloud Trace Service User Guide

4 Application Examples

3. Click Service List and choose Management & Deployment > Cloud Trace Service.
4. Choose Trace List in the navigation pane on the left.
5. Specify filters based on the failed ECS creation task. For example, you can select ECS for Trace Source, ecs for Resource Type, and warning for the trace status to query the trace named createSingleServer.
6. Locate the fault based on the error code or error message in the trace.

4.3 Resource Tracking

Scenarios

This section describes how to view operation records of any cloud resource throughout its lifecycle and how to check details of a specific operation.

Prerequisites
You have enabled CTS and the tracker is normal. For details about how to enable CTS, see Enabling CTS.

Procedure

The following steps use an ECS as an example to describe how to view all operation records.
1. Log in to the management console using the administrator account.
2. Click in the upper left corner to select the desired region and project. 3. Click Service List and choose Management & Deployment > Cloud Trace
Service. 4. Choose Trace List in the navigation pane on the left. 5. On the trace list page, click Filter. In the displayed box, specify Trace Source,
Resource Type, and Search By, and click Query to query the specified traces.
NOTE
For example, you can select ECS for Trace Source, ecs for Resource Type, and Resource ID for Search By, enter ID of the faulty ECS in the right text box, and click Query to query traces of the last seven days.
6. Choose Tracker from the left pane to switch to the Tracker page and obtain the OBS bucket name.
7. Download traces generated in the last seven days or all traces. For details, see Querying Archived Traces.
8. Check all operation and change records of the ECS in the results obtained in 5 and 7.

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

15

Cloud Trace Service User Guide

5 Trace References

5 Trace References

Trace Structure Example Traces

5.1 Trace Structure
The structure of a trace consists of multiple key fields. For details, see Table 5-1.
NOTE
 Formats of some fields displayed on the management console are optimized for easy understanding.
 This section describes the key fields of a trace displayed on the management console.

Table 5-1 Key fields of traces

Field

Mandatory

time

Yes

Type Date

Description
Time when a trace occurred.
The value is the local standard time (GMT+local time zone), for example, 12/08/2016 11:24:04 GMT+08:00. This field is transmitted and stored in the form of a timestamp. It is the total number of milliseconds from 00:00:00 on January 1, 1970 (UTC), or 08:00:00 on January 1, 1970 (CST) to the current time.

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

16

Cloud Trace Service User Guide

5 Trace References

Field user

Mandatory Yes

Type Structure

request

No

Structure

response

No

Structure

service_type

Yes

resource_type Yes

resource_name No

resource_id

No

source_ip

Yes

String String String String String

trace_name

Yes

trace_status

Yes

String String

Description
Cloud account used to perform an operation This field is displayed in the Operator column on the Trace List page. This field is transmitted and stored in the API in the form of a string.
Content requested by an operation This field is transmitted and stored in the API in the form of a string.
Response to the request by an operation This field is transmitted and stored in the API in the form of a string.
Operation source
Resource type
Resource name
Unique resource ID
IP address of the user that performs an operation The value of this parameter is empty if the operation is triggered by the system.
Operation name
Trace level The value can be All trace statuses, normal, warning, or incident.

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

17

Cloud Trace Service User Guide
Field trace_type
api_version message record_time trace_id code request_id location_info endpoint
resource_url

5 Trace References

Mandatory Yes

Type String

No

String

No

Structure

Yes

Number

Yes

String

No

Number

No

String

No

String

No

String

No

String

Description
Operation type There are types of operations:  ConsoleAction: operations
performed on the management console  SystemAction: operations triggered by the system  ApiCall: operations triggered by invoking ApiGateway.
API version of the cloud service on which an operation is performed
Supplementary information
Record time (time stamp) of an operation
Unique operation ID
Trace HTTP return code, for example, 200 or 400
Records the ID of the request.
Additional information required for fault locating after a request recording error occurs
Endpoint of the page that displays details of cloud resources involved in this operation
Access link (excluding the endpoint) of the page that displays details of cloud resources involved in this operation

5.2 Example Traces
This section provides two example traces and describes their key fields to help you understand the trace information. You can understand traces of other services in the similar way.
For details about the fields in a trace, see Trace Structure.

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

18

Cloud Trace Service User Guide

Create an ECS
{ "time": "12/01/2016 11:07:28 GMT+08:00", "user": { "name": "aaa/op_service", "id": "f2fe9fac63414a35a7d03108d5f1ea73", "domain": { "name": "aaa", "id": "1f9b9ba51f6b4061bd5c1736b28469f8" } }, "request": { "server": { "name": "as-config-15f1_XWO68TFC", "imageRef": "b2b2c7dc-bbb0-4d6b-81dd-f0904023d54f", "flavorRef": "m1.tiny", "personality": [], "vpcid": "e4c374b9-3675-482c-9b81-4acd59745c2b", "nics": [ { "subnet_id": "fff89132-88d4-4e5b-9e27-d9001167d24f", "nictype": null, "ip_address": null, "binding:profile": null, "extra_dhcp_opts": null } ], "adminPass": "********", "count": 1, "metadata": { "op_svc_userid": "26e96eda18034ae9a44130bacb967b96" }, "availability_zone": "az1.dc1", "root_volume": { "volumetype": "SATA", "extendparam": { "resourceSpecCode": "SATA" }, "size": 40 }, "data_volumes": [], "security_groups": [ { "id": "dd597fd7-d119-4994-a22c-891fcfc54be1" } ], "key_name": "KeyPair-3e51" } }, "response": { "status": "SUCCESS", "entities": { "server_id": "42d39b4a-19b7-4ee2-b01b-a9f1353b4c54" }, "job_id": "4010b39d58b855980158b8574b270018", "job_type": "createSingleServer", "begin_time": "2016-12-01T03:04:38.437Z", "end_time": "2016-12-01T03:07:26.871Z", "error_code": null, "fail_reason": null }, "service_type": "ECS", "resource_type": "ecs", "resource_name": "as-config-15f1_XWO68TFC", "resource_id": "42d39b4a-19b7-4ee2-b01b-a9f1353b4c54", "source_ip": "", "trace_name": "createSingleServer", "trace_status": "normal", "trace_type": "SystemAction",

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

5 Trace References 19

Cloud Trace Service User Guide

5 Trace References

"api_version": "1.0", "record_time": "12/01/2016 11:07:28 GMT+08:00", "trace_id": "4abc3a67-b773-11e6-8412-8f0ed3cc97c6" }
Key fields in the preceding information are as follows:
 time: indicates the time when the trace occurred. In this example, the time is 11:07:28 on December 1.
 user: indicates the user who performs the operation. In this example, the user is aaa (name field) under the enterprise account aaa (domain field).
 request: indicates the request to create an ECS. It contains some basic information about the ECS, such as name (as-config-15f1_XWO68TFC) and resource ID (e4c374b9-3675-482c-9b81-4acd59745c2b).
 response: indicates the response to the ECS creation request. It contains status (Success in this example), error_code (null in this example), and fail_reason (null in this example).

Create an EVS Disk
{ "time": "12/01/2016 11:24:04 GMT+08:00", "user": { "name": "aaa", "id": "26e96eda18034ae9a44130bacb967b96", "domain": { "name": "aaa", "id": "1f9b9ba51f6b4061bd5c1736b28469f8" } }, "request": "", "response": "", "service_type": "EVS", "resource_type": "evs", "resource_name": "volume-39bc", "resource_id": "229142c0-2c2e-4f01-a1b4-2dfdf1c678c7", "source_ip": "10.146.230.124", "trace_name": "deleteVolume", "trace_status": "normal", "trace_type": "ConsoleAction", "api_version": "1.0", "record_time": ""12/01/2016 11:24:04 GMT+08:00", "trace_id": "c529254f-bcf5-11e6-a89a-7fc778a6c92c"
}
Key fields in the preceding information are as follows:
 time: indicates the time when the trace occurred. In this example, the time is 11:24:04 on December 1.
 user: indicates the user who performs the operation. In this example, the user is aaa (name field) under the enterprise account aaa (domain field).
 request: optional. It is null in this example.
 response: optional. It is null in this example.
 trace_status: indicates the level of the trace. It can replace the response field in indicating the operation result. In this example, the value is normal, indicating that the operation is successful.

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

20

Cloud Trace Service User Guide

6 Supported Services and Operation Lists

6 Supported Services and Operation Lists

Computing Storage Network Management & Deployment Database Security Enterprise Application Enterprise Intelligence Key Operations on DeC
6.1 Computing

6.1.1 Key Operations on ECS
Elastic Cloud Server (ECS) provides scalable, on-demand cloud servers for secure, flexible, and efficient application environments. An ECS is a computing server that consists of CPUs, memory, images, and EVS disks, and integrates virtual private cloud (VPC), virtual firewall, and multi-data-copy functions to ensure reliable, uninterrupted services.
With CTS, you can record operations associated with ECS for future query, audit, and backtrack operations.

Table 6-1 ECS operations that can be recorded by CTS

Operation

Resource Type Trace Name

Creating an ECS

ecs

createServer

Deleting an ECS

ecs

deleteServer

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

21

Cloud Trace Service User Guide

6 Supported Services and Operation Lists

Operation Starting an ECS Restarting an ECS Stopping an ECS Adding a NIC to an ECS Removing a NIC to an ECS Attaching a disk to an ECS Attaching a disk to an ECS (on the EVS console) Detaching a disk from an ECS Reinstalling the OS Changing the OS Modifying ECS specifications Adding the automatic recovery tag to a VM Deleting the automatic recovery tag from a VM Creating a security group

Resource Type ecs ecs ecs ecs ecs ecs ecs
ecs ecs ecs ecs ecs
ecs
ecs

Trace Name startServer rebootServer stopServer addNic deleteNic attachVolume attachVolume2
detachVolume reinstallOs changeOs resizeServer addAutoRecovery
deleteAutoRecovery
createSecurityGroup

6.1.2 Key Operations on IMS
Image Management Service (IMS) provides easy and convenient image management. You can use a public or private image to create an ECS. You can also create a private image using an existing ECS or an external image file.
With CTS, you can record operations associated with IMS for later query, audit, and backtrack operations.

Table 6-2 IMS operations that can be recorded by CTS

Operation

Resource Type

Trace Name

Creating an image ims

createImage

Modifying an

ims

image

updateImage

Deleting images in ims batches

deleteImage

Copying an image ims

copyImage

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

22

Cloud Trace Service User Guide

Operation

Resource Type

Exporting an

ims

image

Adding a member ims

Modifying

ims

members in

batches

Deleting members ims in batches

6 Supported Services and Operation Lists Trace Name exportImage addMember updateMember
deleteMember

6.1.3 Key Operations on BMS
Bare Metal Servers (BMSs) provide dedicated physical servers in single-tenant environments. They provide excellent computing performance and data security for core databases, key application systems, and high performance computing. They also offer the high scalability of a cloud-based service. You can buy BMSs directly or in a DeC as you need.
With CTS, you can record operations associated with BMS for future query, audit, and backtrack operations.

Table 6-3 BMS operations that can be recorded by CTS

Operation

Resource Type

Trace Name

Creating a BMS

bms

createBareMetalServers

Deleting a BMS

bms

deleteBareMetalServers

Starting a BMS

bms

startBareMetalServers

Stopping a BMS

bms

stopBareMetalServers

Restarting a BMS

bms

rebootBareMetalServers

Attaching a data disk bms to a BMS

attachDataVolume

Detaching a data disk bms from a BMS

detachDataVolume

6.1.4 Key Operations on CCE
Cloud Container Engine (CCE) is a high-performance, high-reliability service through which enterprises can manage containerized applications. CCE supports native Kubernetes applications and tools, allowing you to easily set up a container runtime environment on the cloud.

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

23

Cloud Trace Service User Guide

6 Supported Services and Operation Lists

With CTS, you can record operations associated with CCE for later query, audit, and backtrack operations.

Table 6-4 CCE operations that can be recorded by CTS

Operation

Resource Type

Trace Name

Uploading a certificate aksk

uploadAKSK

Creating a cluster

cluster_cce

createCluster

Upgrading a cluster cluster_cce

upgradeCluster

Updating a cluster

cluster_cce

updateCluster

Deleting a cluster

cluster_cce

deleteCluster

Creating a node

node

createNode

Deleting a node

node

deleteNode

Creating a template component

createComponent

Updating a template component

updateComponent

Deleting a template component

deleteComponent

Creating an

app

application

createApp

Updating an

app

application

updateApp

Rolling back an

app

application

rollBackApp

Deleting an

app

application

deleteApp

Creating an

app

application using a

blueprint

createAppByBlueprint

Creating a blueprint blueprint

createBlueprint

Deleting a blueprint blueprint

deleteBlueprint

Updating a blueprint blueprint

updateBlueprint

Renaming a blueprint blueprint

renameBlueprint

Validating a blueprint blueprint

validateBlueprint

Deleting junk images image

garbageCollectImage

Deleting a specified image

image

deleteImage

Deleting a tag image image

deleteTagImage

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

24

Cloud Trace Service User Guide

6 Supported Services and Operation Lists

Operation

Resource Type

Updating the description of an image

image

Creating a policy

policy

Updating a policy

policy

Deleting a policy

policy

Enabling a policy

policy

Disabling a policy

policy

Creating a periodic or scheduled scaling policy

scaling_policy_cce

Deleting a periodic or scheduled scaling policy

scaling_policy_cce

Creating a cluster

clusters

Updating a cluster

clusters

Deleting a cluster

clusters

Creating a node

clusters-nodes

Adding a static node clusters-nodes

Updating a node

clusters-nodes

Deleting a host

clusters-nodes

Deleting all hosts

clusters-nodes

Suspending user

N/A

resources

Creating a ConfigMap configmaps

Creating a DaemonSet daemonsets

Creating a deployment deployments

Creating an event

events

Creating an ingress

ingress

Creating a job

jobs

Creating a namespace namespaces

Creating a node

nodes

Trace Name updateImageDesc
createPolicy updatePolicy deletePolicy enablePolicy disablePolicy createScalingPolicy
deleteScalingPolicy
createCluster updateCluster deleteCluster createNode addStaticNode updateNode deleteOneHost deleteAllHosts suspendUserResource
createConfigmaps createDaemonsets createDeployments createEvents createIngresses createJobs createNamespaces createNodes

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

25

Cloud Trace Service User Guide

6 Supported Services and Operation Lists

Operation

Resource Type

Creating a PersistentVolumeClaim

persistentvolumeclaims

Creating a pod

pods

Creating a replica set replicasets

Creating a resource quota

resourcequotas

Creating a key

secrets

Creating a service

services

Creating a StatefulSet statefulsets

Creating a volume

volumes

Deleting a ConfigMap configmaps

Deleting a DaemonSet daemonsets

Deleting a deployment deployments

Deleting an event

events

Deleting an ingress

ingresses

Deleting a job

jobs

Deleting a namespace namespaces

Deleting a node

nodes

Deleting a pod

pods

Deleting a replica set replicasets

Deleting a resource quota

resourcequotas

Deleting a secret

secrets

Deleting a service

services

Deleting a StatefulSet statefulsets

Deleting a volume

volumes

Replacing a specified ConfigMap

configmaps

Replacing a specified DaemonSet

daemonsets

Replacing a specified deployment

deployments

Trace Name createPersistentvolumeclaims
createPods createReplicasets createResourcequotas
createSecrets createServices createStatefulsets createVolumes deleteConfigmaps deleteDaemonsets deleteDeployments deleteEvents deleteIngresses deleteJobs deleteNamespaces deleteNodes deletePods deleteReplicasets deleteResourcequotas
deleteSecrets deleteServices deleteStatefulsets deleteVolumes updateConfigmaps
updateDaemonsets
updateDeployments

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

26

Cloud Trace Service User Guide

6 Supported Services and Operation Lists

Operation
Replacing a specified event
Replacing a specified ingress
Replacing a specified job
Replacing a specified namespace
Replacing a specified node
Replacing a specified PersistentVolumeClaim
Replacing a specified pod
Replacing a specified replica set
Replacing a specified resource quota
Replacing a specified secret
Replacing a specified service
Replacing a specified StatefulSet
Replacing the specified status
Uploading a chart
Updating a chart
Deleting a chart
Creating a template application
Updating a template application
Deleting a template application

Resource Type events ingresses jobs namespaces nodes persistentvolumeclaims pods replicasets resourcequotas secrets services statefulsets status uploadchart charts charts releases releases releases

Trace Name updateEvents updateIngresses updateJobs updateNamespaces updateNodes updatePersistentvolumeclaims
updatePods updateReplicasets updateResourcequotas updateSecrets updateServices updateStatefulsets updateStatus uploadChart updateChart deleteChart createRelease updateRelease deleteRelease

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

27

Cloud Trace Service User Guide

6 Supported Services and Operation Lists

6.2 Storage

6.2.1 Key Operations on CSBS
Cloud Server Backup Service (CSBS) can back up an entire ECS. It can use the consistent backup data of multiple Elastic Volume Service (EVS) disks to restore the service data of an ECS. CSBS ensures data security and service continuity.
With CTS, you can record operations associated with CSBS for future query, audit, and backtrack operations.

Table 6-5 CSBS operations that can be recorded by CTS

Operation

Resource Type

Trace Name

Creating a backup policy

backupPolicy

createBackupPolicy

Updating a backup policy

backupPolicy

updateBackupPolicy

Deleting a backup policy

backupPolicy

deleteBackupPolicy

Binding resources

backupPolicy

bindResources

Executing a backup

checkpointItem

createCheckpoint

Restoring a backup

checkpointItem

restoreCheckpointItem

Deleting a backup

checkpointItem

deleteCheckpointItem

Backing up an ECS

cloudServer

backupCloudServer

Deleting a task

operationLog

deleteOperationLog

6.2.2 Key Operations on EVS
Elastic Volume Service (EVS) is a scalable virtual block storage service that is based on the distributed architecture. EVS disks can be operated online. Using them is similar to using common server hard disks. Compared with common server hard disks, EVS disks have higher data reliability and I/O throughput capabilities. They are also easier to use. EVS disks apply to file systems, databases, or system software or other applications that require block storage devices.
With CTS, you can record operations associated with EVS for later query, audit, and backtrack operations.

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

28

Cloud Trace Service User Guide

6 Supported Services and Operation Lists

Table 6-6 EVS operations that can be recorded by CTS

Operation

Resource Type

Trace Name

Creating an EVS disk

evs

createVolume

Updating an EVS disk evs

updateVolume

Expanding an EVS disk evs

extendVolume

Deleting an EVS disk

evs

deleteVolume

6.2.3 Key Operations on VBS
Volume Backup Service (VBS) provides snapshot-based data protection for EVS disks on ECSs in public cloud environments. VBS supports both full and incremental backups. By default, the system performs a full backup initially, and then performs incremental backups. You can use those data backups generated in either backup mode to restore EVS disks to the state they were in when the backup was created.
With CTS, you can record operations associated with VBS for later query, audit, and backtrack operations.

Table 6-7 VBS operations that can be recorded by CTS

Operation

Resource Type

Trace Name

Creating a backup vbs

bksCreateBackup

Deleting a backup vbs

bksDeleteBackup

Restoring a

vbs

backup

bksRestoreBackup

Binding a backup autobackup policy

addPolicyResource

Unbinding a backup policy

autobackup

deletePolicyResource

Executing a backup policy

autobackup

actionPolicy

Creating a backup autobackup policy

createPolicy

Deleting a backup autobackup policy

deletePolicy

Modifying a backup policy

autobackup

modifyPolicy

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

29

Cloud Trace Service User Guide

Operation

Resource Type

Creating backups scheduled by a backup policy

autobackup

Automatically deleting redundant backups scheduled by a backup policy

autobackup

Batch adding or modifying tags of a backup policy

autobackup

Batch deleting tags of a backup policy

autobackup

Adding or modifying a backup policy tag

autobackup

Deleting a backup autobackup policy tag

6 Supported Services and Operation Lists Trace Name scheduleCreateBackup scheduleDeleteBackup
batchAddPolicyTag batchDeletePolicyTag addPolicyTag deletePolicyTag

6.2.4 Key Operations on SDRS
Storage Disaster Recovery Service (SDRS) provides disaster recovery (DR) services for many public cloud services, such as Elastic Cloud Server (ECS), Dedicated Distributed Storage Service (DSS), and Elastic Volume Service (EVS). SDRS uses multiple technologies, such as storage replication, data redundancy, and cache acceleration, to provide high data reliability and service continuity for users.
With CTS, you can record operations associated with SDRS for future query, audit, and backtrack operations.

Table 6-8 SDRS operations that can be recorded by CTS

Operation

Resource Type

Trace Name

Creating a protection group

protectionGroup

createProtectionGroupNoCG

Deleting a protection group

protectionGroup

deleteProtectionGroupNoCG

Updating a protection group

protectionGroup

updateProtectionGroup

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

30

Cloud Trace Service User Guide

6 Supported Services and Operation Lists

Operation

Resource Type

Enabling protection for a protection group (when the protection group is in the Available state)

protectionGroup

Enabling protection for a protection group (when the protection group is in the failed-over or failedover-back state)

protectionGroup

Disabling protection for a protectionGroup protection group

Executing a failover or failback

protectionGroup

Executing a planned failover or planned failback

protectionGroup

Action performed when a protectionGroup job of the protection group failed to submit

Creating a protected instance

protectedInstance

Deleting a protected instance

protectedInstance

Updating a protected instance

protectedInstance

Attaching a replication pair to a protected instance

protectedInstance

Detaching a replication pair from a protected instance

protectedInstance

Adding a NIC to a protected instance

protectedInstance

Deleting a NIC from a protected instance

protectedInstance

Modifying the specifications of a protected instance

protectedInstance

Creating a replication pair

replicationPair

Trace Name startProtectionGroupNoCG
reprotectProtectionGroupNoCG
stopProtectionGroupNoCG failoverProtectionGroupNoCG reverseProtectionGroupNoCG
protectionGroupAction
createProtectedInstanceNoCG deleteProtectedInstanceNoCG updateProtectedInstance
attachReplicationPair
detachReplicationPair
addNicNew
deleteNicNew
resizeProtectedInstanceNew
createReplicationPairNoCG

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

31

Cloud Trace Service User Guide

6 Supported Services and Operation Lists

Operation
Deleting a replication pair
Updating a replication pair
Expanding the capacity of a replication pair
Creating a DR drill

Resource Type replicationPair replicationPair replicationPair disasterRecoveryDrill

Deleting a DR drill Updating a DR drill

disasterRecoveryDrill disasterRecoveryDrill

Trace Name deleteReplicationPairNoCG updateReplicationPair
expandReplicationPairNew createDisasterRecoveryDrill deleteDrDrill updateDrDrill

6.3 Network

6.3.1 Key Operations on VPC
Virtual Private Cloud (VPC) enables you to provision logically isolated, configurable, and manageable virtual networks for ECSs, improving the security of resources in enterprise clouds and simplifying network deployment.
With CTS, you can record operations associated with VPC for future query, audit, and backtrack operations.

Table 6-9 VPC operations that can be recorded by CTS

Operation

Resource Type

Trace Name

Modifying the bandwidth

bandwidth

modifyBandwidth

Creating an EIP

eip

createEip

Releasing an EIP

eip

deleteEip

Binding an EIP

eip

bindEip

Unbinding an EIP

eip

unbindEip

Assigning a private IP address

privateIps

createPrivateIp

Releasing a private IP address

privateIps

deletePrivateIp

Creating a security group

security_group

createSecurityGroup

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

32

Cloud Trace Service User Guide

6 Supported Services and Operation Lists

Operation Modifying a security group Creating a subnet Deleting a subnet Modifying a subnet Creating a VPC Deleting a VPC Modifying a VPC Creating a VPN Deleting a VPN Modifying a VPN Creating a NAT gateway Updating a NAT gateway Deleting a NAT gateway Creating an SNAT rule Deleting an SNAT rule Creating a DNAT rule Deleting a DNAT rule

Resource Type security_group
subnet subnet subnet vpc vpc vpc vpn vpn vpn natgateway
natgateway
natgateway
snatrule snatrule dnatrule dnatrule

Trace Name modifySecurityGroup
createSubnet deleteSubnet modifySubnet createVpc deleteVpc modifyVpc createVpn deleteVpn modifyVpn createNatGateway
updateNatGateway
deleteNatGateway
createSnatRule deleteSnatRule createDnatRule deleteDnatRule

6.3.2 Key Operations on Direct Connect
Direct Connect (DC) allows you to establish a private, dedicated network connection from your data center, office, or collocation environment to the public cloud platform. It reduces your network latency and provides a more consistent network experience than Internet-based connections.
With CTS, you can record operations associated with Direct Connect for later query, audit, and backtrack operations.

Table 6-10 DC operations that can be recorded by CTS

Operation

Resource Type

Trace Name

Modifying a direct connection

dcaasConnection

modifyConnection

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

33

Cloud Trace Service User Guide

6 Supported Services and Operation Lists

6.3.3 Key Operations on ELB
Elastic Load Balancing (ELB) is a service that automatically distributes access traffic to multiple ECSs to balance their service load. ELB enables you to achieve higher levels of fault tolerance in your applications and expand application service capabilities.
With a web-based console, you can create load balancers, configure the ports required for listening, and add backend ECSs for load balancers. ELB helps eliminate single points of failure (SPOFs), improving availability of the whole system.
With CTS, you can record operations associated with ELB for later query, audit, and backtrack operations.

Table 6-11 ELB operations that can be recorded by CTS

Operation

Resource Type

Trace Name

Adding a backend ECS pool group

createPool

Modifying a backend ECS group

pool

updatePool

Deleting a backend ECS pool group

deletePool

Configuring a forwarding policy

l7policy

createL7policy

Modifying a forwarding l7policy policy

updateL7policy

Deleting a forwarding policy

l7policy

deleteL7policy

Configuring a forwarding rule

l7rule

createL7rule

Modifying a forwarding l7rule rule

updateL7rule

Deleting a forwarding rule

l7rule

deleteL7rule

Creating a health check healthmonitor

createHealthmonitor

Deleting a health check healthmonitor

updateHealthmonitor

Modifying a health check

healthmonitor

deleteHealthmonitor

Creating a certificate certificate

createCertificate

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

34

Cloud Trace Service User Guide

6 Supported Services and Operation Lists

Operation

Resource Type

Modifying a certificate certificate

Deleting a certificate certificate

Creating a listener

listener

Modifying a listener

listener

Deleting a listener

listener

Creating a load balancer

loadbalancer

Modifying a load balancer

loadbalancer

Deleting a load balancer

loadbalancer

Adding a backend ECS member

Removing a backend ECS

member

Configuring access logs accesslog

Trace Name updateCertificate deleteCertificate createListener updateListener deleteListener createLoadbalancer
updateLoadbalancer
deleteLoadbalancer
createMember deleteMember
createAccesslog

6.3.4 Region-level Key Operations on DNS
Domain Name Service (DNS) provides highly available and scalable authoritative DNS services and domain name management services. It translates domain names or application resources into IP addresses required for network connection. By doing so, visitors' access requests are directed to the desired resources.
With CTS, you can record operations associated with DNS for later query, audit, and backtrack operations.

Table 6-12 Region-level DNS operations that can be recorded by CTS

Operation

Resource Type

Trace Name

Creating a record set in privateRecordSet a private zone

createPrivateRecordSet

Deleting a record set in privateRecordSet a private zone

deletePrivateRecordSet

Modifying a record set privateRecordSet in a private zone

updatePrivateRecordSet

Creating a private zone privateZone

createPrivateZone

Modifying a private zone

privateZone

updatePrivateZone

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

35

Cloud Trace Service User Guide

6 Supported Services and Operation Lists

Operation

Resource Type

Deleting a private zone privateZone

Associating a VPC

privateZone

Disassociating a VPC privateZone

Configuring a PTR Record

ptrRecord

Deleting a PTR record ptrRecord

Trace Name deletePrivateZone associateRouter disassociateRouter setPTRRecord
resetPTRRecord

6.3.5 Global-level Key Operations on DNS
Domain Name Service (DNS) provides highly available and scalable authoritative DNS services and domain name management services. It translates domain names or application resources into IP addresses required for network connection. By doing so, visitors' access requests are directed to the desired resources.
With CTS, you can record operations associated with DNS for later query, audit, and backtrack operations.

Table 6-13 Global-level DNS operations that can be recorded by CTS

Operation

Resource Type

Trace Name

Creating a record set in a publicRecordSet public zone

createPublicRecordSet

Deleting a record set in a publicRecordSet public zone

deletePublicRecordSet

Modifying a record set in a publicRecordSet public zone

updatePublicRecordSet

Creating a public zone

publicZone

createPublicZone

Modifying a public zone publicZone

updatePublicZone

Deleting a public zone

publicZone

deletePublicZone

Adding tags to a public zone

publicZoneTag

createPublicZoneTag

Deleting tags of a public zone

publicZoneTag

deletePublicZoneTag

Adding tags to a record set in a public zone

publicRecordSet- createPublicRecordSetTag Tag

Deleting tags of a record set in a public zone

publicRecordSetTag

deletePublicRecordSetTag

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

36

Cloud Trace Service User Guide

6 Supported Services and Operation Lists

Operation
Adding tags to a private zone
Deleting tags of a private zone
Adding tags to a record set in a private zone
Deleting tags of a record set in a private zone
Adding tags to a PTR record
Deleting tags of a PTR record

Resource Type privateZoneTag

Trace Name createPrivateZoneTag

privateZoneTag deletePrivateZoneTag

privateRecordSetTag
privateRecordSetTag
ptrRecordTag

createPrivateRecordSetTag deletePrivateRecordSetTag createPTRRecordSetTag

ptrRecordTag

deletePTRRecordTag

6.4 Management & Deployment

6.4.1 Key Operations on CTS
Cloud Trace Service (CTS) provides records of operations on cloud service resources. With CTS, you can query, audit, and backtrack these operations.
With CTS, you can record operations associated with CTS itself for later query, audit, and backtrack operations.

Table 6-14 CTS operations that can be recorded by itself

Operation

Resource Type

Trace Name

Creating a tracker

tracker

createTracker

Modifying a tracker

tracker

updateTracker

Disabling a tracker

tracker

updateTracker

Enabling a tracker

tracker

updateTracker

Deleting a tracker

tracker

deleteTracker

6.4.2 Key Operations on Cloud Eye
Cloud Eye is an open monitoring platform. It provides monitoring, alarm reporting, and alarm notification for your resources in near-real time.
With CTS, you can record operations associated with Cloud Eye for future query, audit, and backtracking operations.

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

37

Cloud Trace Service User Guide

6 Supported Services and Operation Lists

Table 6-15 Cloud Eye operations that can be recorded by CTS

Operation

Resource Type

Trace Name

Adding an alarm rule

alarm_rule

createAlarmRule

Deleting an alarm rule

alarm_rule

deleteAlarmRule

Disabling an alarm rule

alarm_rule

disableAlarmRule

Enabling an alarm rule

alarm_rule

enableAlarmRule

Modifying an alarm rule alarm_rule

updateAlarmRule

Updating the alarm status alarm_rule to alarm

alarmStatusChangeToAlarm

Updating the alarm status alarm_rule to insufficient data

alarmStatusChangeToInsufficientData

Updating the alarm status alarm_rule to normal

alarmStatusChangeToOk

Creating a custom alarm template

alarm_template

createAlarmTemplate

Deleting a custom alarm template

alarm_template

deleteAlarmTemplate

Modifying a custom alarm alarm_template template

updateAlarmTemplate

Creating a monitoring panel

dashboard

createDashboard

Deleting a monitoring panel

dashboard

deleteDashboard

Modifying a monitoring panel

dashboard

updateDashboard

Adding monitoring data metric

addMetricData

Exporting monitoring data metric

downloadMetricsReport

6.4.3 Key Operations on IAM
Identity and Access Management (IAM) enables you to centrally manage authentication information, including your authenticated email, phone number, and password. When you invoke an API to apply for an ECS, manage cloud resources, or log in to the public cloud platform in multi-tenant mode, you can query the required project ID, AK/SK, and username in real time.
With CTS, you can record operations associated with IAM for future query, audit, and backtrack operations.

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

38

Cloud Trace Service User Guide

6 Supported Services and Operation Lists

NOTE
IAM is a global-level service and IAM traces are only displayed in the central region of the current site.

Table 6-16 IAM operations that can be recorded by CTS

Operation

Resource Type Trace Name

Creating a token

token

createTokenByPwd

Creating a token

token

createTokenByHwAccessKey

Creating a token

token

createTokenByToken

Creating a token

token

createTokenByAssumeRole

Creating a token

token

createTokenByHwRenewToken

User login

user

login

User logout

user

logout

Changing a user password user

changePassword

Creating a user

user

createUser

Modifying user

user

updateUser

information

Deleting a user

user

deleteUser

Changing a user password user

updateUserPwd

Creating an AK/SK

user

addCredential

Deleting an AK/SK

user

deleteCredential

Changing an email

user

address

modifyUserEmail

Changing a mobile phone user number

modifyUserMobile

Changing a password

user

modifyUserPassword

Enabling two-factor

user

authentication for login

modifySMVerify

Uploading a user picture user

modifyUserPicture

Setting a user password user

setPasswordByAdmin

Creating a user group

userGroup

createGroup

Modifying a user group

userGroup

updateGroup

Deleting a user group

userGroup

deleteGroup

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

39

Cloud Trace Service User Guide

6 Supported Services and Operation Lists

Operation

Resource Type Trace Name

Adding a user to a user group

userGroup

addUserToGroup

Deleting a user from a user group

userGroup

removeUserFromGroup

Creating a project

project

createProject

Changing a project

project

updateProject

Deleting a project

project

deleteProject

Updating the project status

project

updateProjectStatus

Canceling a project deletion task

project

cancelProjectDeletion

Creating an agency

agency

createAgency

Modifying an agency

agency

updateAgency

Deleting an agency

agency

deleteAgency

Switching the role

agency

switchRole

Registering an identity provider

identityProvider createIdentityProvider

Modifying an identity provider

identityProvider updateIdentityProvider

Deleting an identity provider

identityProvider deleteIdentityProvider

Updating IDP metadata

identityProvider updateMetaConfigure

Updating preset IDP metadata

identityProvider updateSystemMetaConfigure

Creating a mapping

mapping

createMapping

Updating a mapping

mapping

updateMapping

Deleting a mapping

mapping

deleteMapping

Creating a protocol

protocol

createProtocol

Changing a protocol

protocol

updateProtocol

Deleting a protocol

protocol

deleteProtocol

Granting permissions to an roleAgencyDom assignRoleToAgencyOnDomain agency based on tenant ain information

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

40

Cloud Trace Service User Guide

6 Supported Services and Operation Lists

Operation

Resource Type Trace Name

Revoking permissions from roleAgencyDom unassignRoleToAgencyOnDo-

an agency based on

ain

main

tenant information

Granting permissions to an roleAgencyProje assignRoleToAgencyOnProject agency based on project ct Information

Deleting permissions from an agency based on project information

roleAgencyProje unassignRoleToAgencyOnProject ct

Granting permissions to a roleGroupDoma assignRoleToGroupOnDomain

user group of a tenant

in

Deleting permissions of a specified user group of a tenant

roleGroupDoma unassignRoleToGroupOnDomain in

Assigning permissions to a roleGroupProjec assignRoleToGroupOnProject user group corresponding t to a project

Revoking permissions from roleGroupProjec unassignRoleToGroupOnProject

a user group

t

corresponding to a project

Modifying a security policy domain

updateSecurityPolicies

Updating a password policy

domain

updatePasswordPolicies

Modifying an ACL policy domain

updateACLPolicies

Updating a security warning policy

domain

updateWarningPolicies

Creating a domain

domain

createDomain

6.4.4 Key Operations on RTS
Resource Template Service (RTS) provides templates for combining cloud resources and allows users to automatically create cloud resources they need using templates.
With CTS, you can record operations associated with RTS for later query, audit, and backtrack operations.

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

41

Cloud Trace Service User Guide

6 Supported Services and Operation Lists

Table 6-17 RTS operations that can be recorded by CTS

Operation

Resource Type

Trace Name

Creating a configuration software_configs

createSoftwareConfigs

Deleting a configuration software_configs

deleteSoftwareConfigs

Creating a deployment software_deployments createSoftwareDeployments

Deleting a deployment software_deployments deleteSoftwareDeployments

Updating a deployment software_deployments updateSoftwareDeployments

Stack management actions, such as canceling stack update or checking stack resources

stacks

createStacksActions

Sending a signal to resources in a stack

stacks

createStacksResourcesSignal

Creating a stack

stacks

createStacks

Deleting a stack

stacks

deleteStacks

Updating a stack

stacks

updateStacks

Previewing a stack

stacks

createStacksPreview

Identifying a resource as stacks unhealthy

patchStacksResource

Validating a template validate

createValidate

6.4.5 Key Operations on TMS
Tag Management Service (TMS) is a visualized service for fast, unified tag management that enables you to control your resource permissions and billing more efficiently. It allows you to tag and categorize cloud services across regions, and it can be accessed through the TMS console or using APIs.
With CTS, you can record operations associated with TMS for future query, audit, and backtrack operations.
NOTE
TMS is a global-level service and TMS traces are only displayed in the central region of the current site.

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

42

Cloud Trace Service User Guide

6 Supported Services and Operation Lists

Table 6-18 TMS operations that can be recorded by CTS

Operation

Resource Type

Trace Name

Adding a predefined tag application

addTag

Deleting a predefined tag

application

deleteTag

Modifying a predefined application tag

modifyTag

Creating a resource tag application

addResourceTag

Deleting a resource tag application

deleteResourceTag

6.5 Database

6.5.1 Key Operations on RDS
Relational Database Service (RDS) is a cloud-based web service that is reliable, scalable, easy to manage, and immediately ready for use.
With CTS, you can record operations associated with RDS for future query, audit, and backtrack operations.

Table 6-19 RDS operations that can be recorded by CTS

Operation

Resource Type

Trace Name

Creating a DB instance, restoring data to a new DB instance, creating a read replica (using the console, Open API, or Trove API)

instance

createInstance

Restarting and scaling up a DB instance, changing the DB instance class, and restoring data to the old DB instance (using the console, Open API, or Trove API)

instance

instanceAction

Resetting the password (using the console)

instance

resetPassword

Setting the DB version parameters (using Open API)

instance

setDBParameters

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

43

Cloud Trace Service User Guide

6 Supported Services and Operation Lists

Operation

Resource Type

Resetting the DN version instance parameters (using Open API)

Setting Backup Policy to On, Off, or Modify (using the console or Open API)

instance

Modifying the DB port number (using the console)

instance

Binding or unbinding an elastic IP address (using the console)

instance

Modifying a security group (using the console)

instance

Creating a tag (using the instance console or Open API)

Deleting a tag (using the instance console or Open API)

Modifying a tag (using instance the console or Open API)

Deleting a DB instance from a cluster (using the console, Open API, or Trove API)

instance

Creating a snapshot (using the console or Open API)

backup

Copying a snapshot (using the console)

backup

Deleting a snapshot (using the console or Open API)

backup

Creating a parameter

config

group (using the console

or Trove API)

Modifying a parameter config group (using the console or Trove API)

Trace Name resetDBParameters setBackupPolicy
changeInstancePort setOrResetPublicIP modifySecurityGroup createTag deleteTag modifyTag deleteInstance
createManualSnapshot copySnapshot deleteManualSnapshot createParameterGroup updateParameterGroup

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

44

Cloud Trace Service User Guide

6 Supported Services and Operation Lists

Operation

Resource Type

Deleting a parameter

config

group (using the console

or Trove API)

Copying a parameter group (using the console)

config

Resetting a parameter group (using the console)

config

Comparing parameter groups (using the console)

config

Applying a parameter group (using the console)

config

Trace Name deleteParameterGroup copyParameterGroup resetParameterGroup compareParameterGroup applyParameterGroup

6.6 Security

6.6.1 Key Operations on Anti-DDoS
Anti-DDoS is a network security service that defends IP addresses against distributed denial of service (DDoS) attacks.
Anti-DDoS monitors traffic directed to specified IP addresses in real time and detects access traffic at network egresses to discover DDoS attacks as soon as possible. It then cleans abnormal traffic according to user-configured defense policies so that services run as normal. It also generates reports to present users with a clear evaluation of network security.
With CTS, you can record operations associated with Anti-DDoS for future query, audit, and backtrack operations.

Table 6-20 Anti-DDoS operations that can be recorded by CTS

Operation

Resource Type

Trace Name

Enabling Anti-DDoS

anti-ddos

openAntiddos

Disabling Anti-DDoS

anti-ddos

deleteAntiddos

Updating Anti-DDoS

anti-ddos

updateAntiddos

6.7 Enterprise Application

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

45

Cloud Trace Service User Guide

6 Supported Services and Operation Lists

6.7.1 Key Operations on Workspace
Workspace is a cloud computing­based desktop service that is superior to traditional desktop services. Workspace supports access by various devices, including PCs running Windows or Mac, iPad, iPhone, and Android smart devices. It enables you to access, store, and obtain files and applications anywhere and at any time, that is, mobile working and entertainment. Workspace provides configuration similar to a traditional desktop, including vCPU, GPU, memory, disks, and Windows. You can use it in the same way you use a PC.
With CTS, you can record operations associated with Workspace for later query, audit, and backtrack operations.

Table 6-21 Workspace operations that can be recorded by CTS

Operation

Resource Type

Trace Name

Updating the status of workspace a cloud service

updateDesktopMetadata

Subscribing to Workspace

workspace

orderVm

Restarting a VM

workspace

rebootDesktop

Stopping a VM

workspace

shutdownDesktop

Starting a VM

workspace

startDesktop

Deleting a VM

workspace

deleteDesktop

Updating the status of workspace a desktop

updateDesktopStatus

Deleting user information

workspace

deleteUser

Exporting user information

workspace

exportUserInfo

Unlocking a user

workspace

unlockUser

Resetting the password

workspace

resetUserPassword

Downloading a user template

workspace

downloadUserModel

Deleting an ondemand task

workspace

deleteJob

Applying for modifying workspace the password (the domain user)

updateDomainUserPassword

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

46

Cloud Trace Service User Guide

6 Supported Services and Operation Lists

Operation

Resource Type

Synchronizing the resource tenants (Identity and Access Management)

workspace

Updating the policy group

workspace

Enabling Workspace workspace

Changing the domain workspace password

Disabling Workspace workspace

Retrying failed Workspace enabling and disabling tasks

workspace

Restoring the infrastructure VM

workspace

Modifying the desktop workspace attributes

Updating the domain workspace name

Trace Name synIamResourceTenant
updatePolicy openService updateAdPwd tenantClose tenantRetryServiceTask
restoreManagerVmBackup modifyDesktopAttributes updateRecordSet

6.8 Enterprise Intelligence

6.8.1 Key Operations on MRS
MapReduce Service (MRS) is a data processing and analysis service that is based on a cloud computing platform. It is stable, reliable, scalable, and easy to manage.
With CTS, you can record operations associated with MRS for later query, audit, and backtrack operations.

Table 6-22 MRS operations that can be recorded by CTS

Operation

Resource Type

Trace Name

Creating a cluster

cluster

createCluster

Deleting a cluster

cluster

deleteCluster

Expanding a cluster

cluster

scaleOutCluster

Shrinking a cluster

cluster

scaleInCluster

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

47

Cloud Trace Service User Guide

6 Supported Services and Operation Lists

6.9 Key Operations on DeC
Dedicated Cloud (DeC) provides isolated virtual resource pools on the public cloud. You have exclusive use of all physical devices, computing and network resources, and reliable distributed storage inside a DeC.
With CTS, you can record operations associated with DeC for future query, audit, and backtrack operations.

Table 6-23 DeC operations that can be recorded by CTS

Operation

Resource Type

Trace Name

Enabling DeC

dec

openDEC

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

48

Cloud Trace Service User Guide

7 Quota Adjustment

7 Quota Adjustment

What Is the Quota?
Quotas are enforced for service resources on the platform to prevent unforeseen spikes in resource usage. Quotas can limit the number or amount of resources available to users. For example, the CTS quota limits the number of key event notifications that you can create.
If the existing resource quota cannot meet your service requirements, you can apply for a higher quota.

How do I View My Quota?
1. Log in to the management console.

2. Click

(the My Quota icon) in the upper right corner of the page.

The Service Quota page is displayed.

3. On this page, you can view the total quota and used quota of resources.

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

49

Cloud Trace Service User Guide

8 FAQs

8 FAQs

Can I Create Multiple Trackers? Which Type of Information Is Displayed on the Trace List? Can Information Be Deleted from the Trace List? What Users May Require CTS? How Long Can Trace Files Be Retained? What Will Happen If I Have Enabled CTS But Have Not Configured a Correct Policy for the OBS Bucket? Does CTS Support Integrity Verification of Trace Files? Will Performance of Other Cloud Service Resources Be Affected If I Enable CTS? Why Are Fields of Some Traces Displayed Null on the View Trace Page? Why Are the of Some Traces in the Trace List Hyperlinks? Why Do Some Operation Records Occur Twice in the Trace List? Why Are user_name and op_service Displayed When I Filter Traces by User? Which Type of OBS Buckets Is Suitable for CTS to Store Traces? Why Are user and source_ip Empty for Some Traces with trace_type as systemAction? What Are the Meanings of the Three Trace Statuses?

8.1 Can I Create Multiple Trackers?
Currently, only one tracker can be created for each user.

8.2 Which Type of Information Is Displayed on the Trace List?
The trace list records two types of traces: management traces and data traces. Management traces refer to the details about creating, configuring, and deleting

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

50

Cloud Trace Service User Guide

8 FAQs

cloud service resources in cloud accounts. Data traces refer to operation logs of data, such as data uploading and downloading. The trace list does not record information about query operations.

8.3 Can Information Be Deleted from the Trace List?
This operation is not allowed. According to the regulations of SAC/TC and international information and data security management departments, logs used for auditing must be objective, comprehensive, and accurate. For this reason, the deletion and modification functions are not provided.

8.4 What Users May Require CTS?
All cloud users need to enable CTS.
 From the perspective of policies and industry standards, CTS is essential to information security audit. It is also important to information system security risk control of enterprises and public institutions, and necessary for many industry standards and audit specifications.
 From the perspective of application, CTS helps reduce fault locating time and manpower costs when cloud resources encounter an exception. With CTS, you can locate all operations involved by the fault to narrow the troubleshooting scope.

8.5 How Long Can Trace Files Be Retained?
By default, CTS stores the last seven days of trace files on the management console and can deliver traces to OBS buckets for a longer duration.

8.6 What Will Happen If I Have Enabled CTS But Have Not Configured a Correct Policy for the OBS Bucket?
In this case, CTS will deliver trace files based on the existing OBS bucket policy. If the policy is incorrectly configured, CTS may not deliver trace files to the OBS bucket.
If an OBS bucket has been deleted or encounters an exception, an error message will be displayed on the management console. In this case, you can choose to create an OBS bucket or reconfigure the access permissions of the OBS bucket. For detailed operations, see section "Bucket Management" in the Object Storage Service User Guide.

8.7 Does CTS Support Integrity Verification of Trace Files?
Yes. The following fields must be included: time, service_type, resource_type, trace_name, trace_status, and trace_type. Other fields are defined by different services.

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

51

Cloud Trace Service User Guide

8 FAQs

8.8 Will Performance of Other Cloud Service Resources Be Affected If I Enable CTS?
No. Enabling CTS does not affect the performance of other cloud resources.
8.9 Why Are Fields of Some Traces Displayed Null on the View Trace Page?
Fields source_ip, code, request, response, and message can be null. These fields are not mandatory for CTS.
 source_ip: If the value of trace_type is SystemAction, the operation is triggered by the system. It is normal that the source_ip field is empty.
 request, response, and code: These three fields indicate the request content, request result, and HTTP return code of an operation. In some cases, these fields are empty or have no service meaning. Therefore, they are left blank based on actual situations.
 message: This is a reserved field. Additional information of other cloud services will be added in this field when necessary. It is normal that it is left blank.
8.10 Why Are the of Some Traces in the Trace List Hyperlinks?
For ECS, EVS, VBS, IMS, AS, Cloud Eye, and VPC, you can click of some traces to go to the resource details page. The resource ID of such a trace is a hyperlink. More traces will be supported in future.
8.11 Why Do Some Operation Records Occur Twice in the Trace List?
For an asynchronously invoked trace, two records with the same trace name, resource type, and resource name will be generated. In the trace list, two records are displayed for the same trace, for example, the deleteDesktop trace of Workspace. The two records are associated, but have different content because they are not invoked at the same time. Details are as follows:
 The first record contains the request of a user to perform an operation.  The second record contains the response to the user request and operation
result, and is usually several minutes later than the first record.
The two records together indicate the operation result.

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

52

Cloud Trace Service User Guide

8 FAQs

8.12 Why Are user_name and op_service Displayed When I Filter Traces by User?
If you submit a request that involves operations requiring high permissions or invocation of other services, you may not have the required permissions. In this case, your permissions will be elevated temporarily on condition that security requirements are met. Your permissions will be resumed after the request is processed, but the permissions elevation will be recorded in CTS logs and the operation user is recorded as user_name or op_service.
8.13 Which Type of OBS Buckets Is Suitable for CTS to Store Traces?
OBS provides three storage classes of buckets for storage, respectively standard access, infrequent access, or archive. You must select a standard OBS bucket because CTS needs to frequently access the OBS bucket that stores traces.
8.14 Why Are user and source_ip Empty for Some Traces with trace_type as systemAction?
The trace_type field indicates the request resource. This field can be ConsoleAction, ApiCall, and SystemAction.
SystemAction indicates that the operations are not triggered by users, such as automatic alarms, elastic scaling, scheduled backup tasks, and secondary invocations generated within the system to respond to the user's request. In this case, no user or device that triggers an operation exists. Therefore, user and source_ip are both empty.
8.15 What Are the Meanings of the Three Trace Statuses?
The trace status is defined based on trace_status information recorded in a trace. Different fields have different meanings as follows:  normal: indicates that this operation succeeded.  warning: indicates that this operation failed.  incident: indicates that this operation causes a more serious consequence
than a failure, for example, causing a node failure or service interruption.

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

53

Cloud Trace Service User Guide
Release On 2018-07-30

A Change History
A Change History
What's New This issue is the first official release.

Issue 01 (2020-09-29)

Copyright © Huawei Technologies Co., Ltd.

54


AH Formatter V6.2 MR8 for Windows : 6.2.10.20473 (2015/04/14 10:00JST) Antenna House PDF Output Library 6.2.680 (Windows)

Search Any Device: