tencent cloud

Tencent Container Security Service

Release Notes
Product Introduction
Overview
Strengths
Use Cases
Features and Versions
Purchase Guide
Applying for Trial
Purchasing Pro Edition
Purchasing Image Scan
Purchasing Log Analysis
Getting Started
Operation Guide
Security Overview
Asset Management
Vulnerability Detection
Image Risk Management
Cluster Risk Management
Baseline Management
Runtime Security
Advanced Defense
Policy Management
Protection Switch
Alarm Settings
Log Analysis
Hybrid Cloud Installation Guide
Compromised Container Isolation
Log Field Data Parsing
Practical Tutorial
Mirror Vulnerability Scanning and Vulnerability Management
Troubleshooting
Offline Linux Client
Troubleshooting for Cluster Access
API Documentation
History
Introduction
API Category
Making API Requests
Network Security APIs
Cluster Security APIs
Security Compliance APIs
Runtime security - High-risk syscalls
Runtime Security - Reverse Shell APIs
Runtime Security APIs
Alert Settings APIs
Advanced prevention - K8s API abnormal requests
Asset Management APIs
Security Operations - Log Analysis APIs
Runtime Security - Trojan Call APIs
Runtime Security - Container Escape APIs
Image Security APIs
Billing APIs
Data Types
Error Codes
FAQs
TCSS Policy
Privacy Policy
Data Processing And Security Agreement
Contact Us
Glossary
DocumentationTencent Container Security ServiceOperation GuideLog AnalysisOverview

Overview

PDF
Focus Mode
Font Size
Last updated: 2024-01-23 15:44:44
This document describes how to use the log analysis feature, view the container bash logs, container startup audit logs, and Kubernetes API audit logs, and configure and ship logs.

Background

Log analysis provides container bash logs, container startup audit logs, and Kubernetes API audit logs, supports statement search and query, and offers visual report, statistical analysis, and export features. It helps you quickly query the business logs, trace the container security events, and improve the operations efficiency.
Container bash logs: Provide bash log audit to help you trace abnormal processes.
Container startup audit logs: Provide container startup log audit to help you log container startups.
Kubernetes API audit logs: Help you log Kubernetes API calls.
We recommend you enable the log audit feature for core assets and purchase storage as needed for log data collection and retention.
TCSS Pro Edition provides the log collection feature. We recommend you purchase the Pro Edition and then log storage. If you have purchased log storage but the capacity becomes insufficient, the log analysis service will clear historical log data. We recommend you expand the storage capacity promptly.

Prerequisites

Log analysis and storage is a value-added service of TCSS. You need to purchase it separately on the TCSS purchase page.
Previous Topic: Alarm SettingsNext Topic: Querying Log

Help and Support

Was this page helpful?

Help us improve! Rate your documentation experience in 5 mins.

Feedback