Cloud Log Service (CLS)

Last updated:2025-08-19 14:28:35

Cloud Log Service (CLS)

Last updated: 2025-08-19 14:28:35

Bastion Host supports the transfer logs to Cloud Log Service (CLS), enabling a comprehensive log service that covers log collection, log storage, and log retrieval.
Note:
Cloud Log Service (CLS) is an independently billed third-party cloud product. For billing standards, see CLS Purchase Guide.
Prerequisites
CLS has been activated.
The role authorization for the current account has been completed.
Activating CLS and Role Authorization
The first time you use CLS, activate CLS and complete the role authorization.
1. Log in to the BH console.
2. In the left sidebar, select System Settings > Cloud Log Service (CLS).
3. On the Cloud Log Service (CLS) page, click go to Authorization.
﻿
﻿
﻿
4. In the Service Authorization pop-up window, click Agree to Authorize to complete the authorization operation.
5. After the operation is completed, CLS is available.
Definition of Command Execution Audit Logs
Field Value
Type
Description
Sid
String
Session ID, used to uniquely identify a session.
UserName
String
Username, representing the name of the user executing the operation.
Account
String
Account.
InstanceId
String
Asset ID, used to identify a specific asset.
FromIp
String
Source IP address, the IP address from which the request is sent.
SessTime
String
Session start time, the moment the session is initiated.
Time
String
Command execution time, the exact moment the specific command is executed.
TimeOffset
Long
Offset from the session start time (in ms), indicating the time difference between the command execution time and the session start time.
Cmd
String
Command content, the specific command executed.
Action
Long
Command action, 1 indicates allowing command execution, 2 indicates denying command execution.
Definition of File Transfer Audit Logs
Field Name
Type
Description
Sid
String
Session ID, used to uniquely identify a session.
Time
String
Session time, the moment the session occurs.
Method
Long
1-9 are used for SFTP file transfer and disk mapping, while clipboard usage starts from 10.
1: File upload
2: File download
3: File deletion
4: Move folders
5: Rename folders
6: Create folders
7: Deprecated status
8: Deprecated status
9: Delete folders
10: Clipboard file upload
11: Clipboard file download
12: Clipboard text upload
13: Clipboard text download
14: Clipboard image upload
15: Clipboard image download
16: Other types of clipboard uploads
17: Other types of clipboard downloads
Action
Long
Command action, 1 indicates allowing command execution, and 2 indicates denying command execution.
UserName
String
Username, representing the name of the user executing the operation.
Account
String
Account
FromIp
String
Source IP address, the IP address from which the request is sent.
InstanceId
String
Asset ID, used to identify a specific asset.
Protocol
String
Protocols used for file operations, such as SFTP, RDP, and rz/sz.
FileCurr
String
Source file path.
FileNew
String
Target file path.
Size
Long
File size.
Enabling CLS
1. Log in to the BH console.
2. In the left sidebar, select System Settings > Cloud Log Service (CLS).
3. On the CLS page, select the log type to be enabled and click Enable now.
﻿
4. In the Enable Log Shipping pop-up window, select the target region, logset, log topic, and other configurations.
﻿
Parameter
Description
Target Region
Select the region for log shipping. Cross-region shipping is supported.
Log topic operation
Log topic is the fundamental cell for log data collection, storage, search and analysis. Selecting an existing log topic or creating a topic is supported.
Log topic
Select existing log topic: You can filter log topics under the selected logset in the search box.
Create log topic: Create a log topic under the selected logset.
Note:
You can manage the log topic. For details, see Managing Log Topics.
Logset operation
A logset is a categorization of log topics, making it easier to manage log topics. Selecting an existing logset or creating a logset is supported. This option is available only when the log topic operation is set to Create a Log Topic.
Logset
Select the existing logset: You can filter the existing logset in the search box.
Create a logset: This option is available only when the log topic operation is set to Create a Log Topic.
5. After the parameter configuration is selected, click Enable Now.
Retrieval and Analysis
1. Log in to the BH console.
2. In the left sidebar, select System Settings > Cloud Log Service (CLS).
3. On the CLS page, select the log type to view, click Search and Analysis, and navigate to the CLS console.
﻿
﻿
4. In CLS, Search and Analysis support filtering, searching, and statistical analysis of log data. For details, see Search and Analysis.
Disabling Shipping
1. Log in to the BH console.
2. In the left sidebar, select System Settings > Cloud Log Service (CLS).
3. On the Cloud Log Service (CLS) page, select the log type to be disabled, and click Disable Shipping.
﻿
4. In the Disabling Log Shipping pop-up window, read the precautions and check Disable, then click Confirm.
﻿
Note:
After log shipping is disabled, the shipping of Bastion Host logs will be stopped.
After log shipping is disabled, only the shipping of new logs will be stopped. The existing logs will continue to be stored in the log topic until they expire, and storage fees will continue to be incurred during this period. If you want to delete a log topic, go to Log Topic Management to do so.
﻿
﻿

Was this page helpful?

You can also Contact Sales or Submit a Ticket for help.

Yes

Feedback

Field Value	Type	Description
Sid	String	Session ID, used to uniquely identify a session.
UserName	String	Username, representing the name of the user executing the operation.
Account	String	Account.
InstanceId	String	Asset ID, used to identify a specific asset.
FromIp	String	Source IP address, the IP address from which the request is sent.
SessTime	String	Session start time, the moment the session is initiated.
Time	String	Command execution time, the exact moment the specific command is executed.
TimeOffset	Long	Offset from the session start time (in ms), indicating the time difference between the command execution time and the session start time.
Cmd	String	Command content, the specific command executed.
Action	Long	Command action, 1 indicates allowing command execution, 2 indicates denying command execution.

Field Name	Type	Description
Sid	String	Session ID, used to uniquely identify a session.
Time	String	Session time, the moment the session occurs.
Method	Long	1-9 are used for SFTP file transfer and disk mapping, while clipboard usage starts from 10. 1: File upload 2: File download 3: File deletion 4: Move folders 5: Rename folders 6: Create folders 7: Deprecated status 8: Deprecated status 9: Delete folders 10: Clipboard file upload 11: Clipboard file download 12: Clipboard text upload 13: Clipboard text download 14: Clipboard image upload 15: Clipboard image download 16: Other types of clipboard uploads 17: Other types of clipboard downloads
Action	Long	Command action, 1 indicates allowing command execution, and 2 indicates denying command execution.
UserName	String	Username, representing the name of the user executing the operation.
Account	String	Account
FromIp	String	Source IP address, the IP address from which the request is sent.
InstanceId	String	Asset ID, used to identify a specific asset.
Protocol	String	Protocols used for file operations, such as SFTP, RDP, and rz/sz.
FileCurr	String	Source file path.
FileNew	String	Target file path.
Size	Long	File size.

Parameter	Description
Target Region	Select the region for log shipping. Cross-region shipping is supported.
Log topic operation	Log topic is the fundamental cell for log data collection, storage, search and analysis. Selecting an existing log topic or creating a topic is supported.
Log topic	Select existing log topic: You can filter log topics under the selected logset in the search box. Create log topic: Create a log topic under the selected logset. Note: You can manage the log topic. For details, see Managing Log Topics.
Logset operation	A logset is a categorization of log topics, making it easier to manage log topics. Selecting an existing logset or creating a logset is supported. This option is available only when the log topic operation is set to Create a Log Topic.
Logset	Select the existing logset: You can filter the existing logset in the search box. Create a logset: This option is available only when the log topic operation is set to Create a Log Topic.

tencent cloud

Prerequisites

Activating CLS and Role Authorization

Definition of Command Execution Audit Logs

Definition of File Transfer Audit Logs

Enabling CLS

Retrieval and Analysis

Disabling Shipping