tencent cloud

Cloud Object Storage

Release Notes and Announcements
Release Notes
Announcements
Product Introduction
Overview
Features
Use Cases
Strengths
Concepts
Regions and Access Endpoints
Specifications and Limits
Service Regions and Service Providers
Billing
Billing Overview
Billing Method
Billable Items
Free Tier
Billing Examples
Viewing and Downloading Bill
Payment Overdue
FAQs
Getting Started
Console
Getting Started with COSBrowser
User Guide
Creating Request
Bucket
Object
Data Management
Batch Operation
Global Acceleration
Monitoring and Alarms
Operations Center
Data Processing
Content Moderation
Smart Toolbox
Data Processing Workflow
Application Integration
User Tools
Tool Overview
Installation and Configuration of Environment
COSBrowser
COSCLI (Beta)
COSCMD
COS Migration
FTP Server
Hadoop
COSDistCp
HDFS TO COS
GooseFS-Lite
Online Tools
Diagnostic Tool
Use Cases
Overview
Access Control and Permission Management
Performance Optimization
Accessing COS with AWS S3 SDK
Data Disaster Recovery and Backup
Domain Name Management Practice
Image Processing
Audio/Video Practices
Workflow
Direct Data Upload
Content Moderation
Data Security
Data Verification
Big Data Practice
COS Cost Optimization Solutions
Using COS in the Third-party Applications
Migration Guide
Migrating Local Data to COS
Migrating Data from Third-Party Cloud Storage Service to COS
Migrating Data from URL to COS
Migrating Data Within COS
Migrating Data Between HDFS and COS
Data Lake Storage
Cloud Native Datalake Storage
Metadata Accelerator
GooseFS
Data Processing
Data Processing Overview
Image Processing
Media Processing
Content Moderation
File Processing Service
File Preview
Troubleshooting
Obtaining RequestId
Slow Upload over Public Network
403 Error for COS Access
Resource Access Error
POST Object Common Exceptions
API Documentation
Introduction
Common Request Headers
Common Response Headers
Error Codes
Request Signature
Action List
Service APIs
Bucket APIs
Object APIs
Batch Operation APIs
Data Processing APIs
Job and Workflow
Content Moderation APIs
Cloud Antivirus API
SDK Documentation
SDK Overview
Preparations
Android SDK
C SDK
C++ SDK
.NET(C#) SDK
Flutter SDK
Go SDK
iOS SDK
Java SDK
JavaScript SDK
Node.js SDK
PHP SDK
Python SDK
React Native SDK
Mini Program SDK
Error Codes
Harmony SDK
Endpoint SDK Quality Optimization
Security and Compliance
Data Disaster Recovery
Data Security
Cloud Access Management
FAQs
Popular Questions
General
Billing
Domain Name Compliance Issues
Bucket Configuration
Domain Names and CDN
Object Operations
Logging and Monitoring
Permission Management
Data Processing
Data Security
Pre-signed URL Issues
SDKs
Tools
APIs
Agreements
Service Level Agreement
Privacy Policy
Data Processing And Security Agreement
Contact Us
Glossary
DokumentasiCloud Object StorageUser GuideData ManagementLog ManagementLogging Overview

Logging Overview

PDF
Mode fokus
Ukuran font
Terakhir diperbarui: 2025-10-10 09:50:01

Feature Overview

The logging feature allows you to record the access information of a source bucket and save it to a destination bucket as logs.
In the destination bucket, the log path is:
destination bucket/path prefix{YYYY}/{MM}/{DD}/{time}_{random}_{index}
Logs are generated every 5 minutes (one record per line). Each record contains multiple fields, and fields are separated by a space. The file size for a log file is up to 256 MB. If the amount of logs generated within these 5 minutes exceeds 256MB, your logs will be split into multiple log files. The logging fields supported are as follows:
No.
Field
Description
Sample
1
eventVersion
Log version
1.0
2
bucketName
Bucket Name
examplebucket-1250000000
3
qcsRegion
Request region
ap-beijing
4
eventTime
Event time (request end time, which is a timestamp in UTC+0 time zone)
2018-12-01T11:02:33Z
5
eventSource
Access domain name
examplebucket-1250000000.cos.ap-guangzhou.myqcloud.com
6
eventName
Event name, i.e., API operation name. For details, see Operation List.
UploadPart
7
remoteIp
Source IP
192.168.0.1
8
userSecretKeyId
User access KeyId
************************************
9
reservedFiled
Reserved field.
Displayed as -
10
reqBytesSent
Request bytes
83886080
11
deltaDataSize
Change in storage made by the request (in bytes)
808
12
reqPath
Requested file path
/folder/text.txt
13
reqMethod
Request method
put
14
userAgent
User UA
cos-go-sdk-v5.2.9
15
resHttpCode
HTTP response status code
404
16
resErrorCode
Error Codes
NoSuchKey
17
resErrorMsg
Error Message
The specified key does not exist.
18
resBytesSent
Bytes returned
197
19
resTotalTime
Total time used by the request (in milliseconds, i.e., the time between the last byte of the response and the first byte of the request)
4295
20
logSourceType
Source type of the log
USER (user access requests), CDN (CDN origin-pull requests)
21
storageClass
Storage Type
STANDARD,STANDARD_IA,ARCHIVE
22
accountId
Bucket owner ID
100000000001
23
resTurnAroundTime
Time used by the request server (in milliseconds, i.e., the time between the first byte of the response and the last byte of the request)
4295
24
requester
Visitor account.
If the visitor is the root account, the account format is root account UIN:root account UIN;
If the visitor is a sub-account, the account format is root account UIN:sub-account UIN;
If the visitor is a service account, the account format is granted root account UIN:role ID;
If the requester is anonymous, it is displayed as -.
100000000001:100000000001
25
requestId
Request ID
NWQ1ZjY4MTBfMjZiMjU4NjRfOWI1N180NDBiYTY=
26
objectSize
Object size, in bytes
808, if you use multipart upload, the objectSize field will only be displayed upon completion of the upload. During each part's upload, this field will display -.
27
versionId
Object version ID
Random string
28
targetStorageClass
Destination storage class, recorded for replication requests
STANDARD,STANDARD_IA,ARCHIVE
29
referer
HTTP referer of the request
*.example.com or 111.111.111.1
30
requestUri
Request URI
"GET /fdgfdgsf%20/%E6%B5%AE%E7%82%B9%E6%95%B0 HTTP/1.1"
"GET /fdgfdgsf%20/%E6%B5%AE%E7%82%B9%E6%95%B0 HTTP/1.1"
Notes:
If the signature is in the query_string form, it will be shown in the requestUri. Otherwise, the requestUri will not contain the signature information.
31
vpcId
VPC request ID
"0" (non-VPC) / "12345" (VPC, any non-zero string)
Note:
Currently, the log management function of COS supports the following regions: Beijing, Nanjing, Shanghai, Guangzhou, Chengdu, Chongqing, Shenzhen Finance, Shanghai Finance, Hong Kong (China), Singapore, Seoul, Bangkok, Tokyo, Silicon Valley, Virginia, Frankfurt.
The destination bucket and source bucket must reside in the same region.
The destination bucket that stores logs can be the source bucket itself (not recommended).
Currently, logs will be generated only when the bucket is accessed through XML APIs and XML API-based SDKs or tools, not via JSON APIs or JSON API-based SDKs or tools.
Depending on customer needs and business development, COS may add new fields to the access logs. Be sure to prepare for this when parsing the logs.
COS does not guarantee 100% accuracy of log data, for reference only, not as measurement or billing basis.

Enabling Logging

Using the Console

1. Log in to the COS console.
2. In the left navigation bar, click Bucket List to enter the bucket list management page.
3. Find the source bucket for which you want to enable log storage, click the Bucket Name, and enter the bucket management page.
4. On the left sidebar, select Logging > Logging, click Edit, and toggle on the feature.
5. Configure the configuration items of Logging as follows.
Destination Bucket: The destination bucket that stores the source bucket's logs must reside in the same region as the source bucket. We recommend you not set the source bucket itself as the destination bucket.
Path Prefix: A custom path prefix for the logs. If this field is left empty, logs will be delivered to the root directory of the destination bucket.
Service Authorization: When enabling the log storage feature for the first time, you need to authorize the CLS product service to deliver access logs to your bucket. Follow the prompts to complete the authorization.
6. After confirming that everything is correct, click Save.
Note:
After enabling the log storage feature, it is expected to take 1 hour to complete the first batch of log delivery. Subsequently, logs will be generated every 5 minutes, and the specific time of log delivery depends on the data volume.
7. Go to the destination bucket configured to view the generated logs.

8. After downloading the logs, you can view them in detail. For more information, see Logging Overview.
Note:
Currently, only the bucket owner possesses the permission to configure log storage. Other users will not see the Log Storage configuration option when accessing the console.

Notes

To enable Logging, you need to create a log role in the CAM console and grant the role permissions to read/write logs of the source bucket.
If Logging is disabled yet the role is not deleted, the role's read/write permissions on the source bucket's logs still exist.

Using the API

To enable logging for a bucket using APIs, follow the steps below:

1. Create a log role

Create a log role. For more information, see CreateRole.
Here, roleName must be CLS_QcsRole.
policyDocument must be:
{
    "version": "2.0",
    "statement": [{
        "action": "name/sts:AssumeRole",
        "effect": "allow",
        "principal": {
            "service": "cls.cloud.tencent.com"
        }
    }]
}

2. Grant the log role permissions

Grant the log role permissions. For more information about the API, see AttachRolePolicy.
Here, policyName is set to QcloudCOSAccessForCLSRole.roleName is the CLS_QcsRole in step 1, or the roleID returned when roleName was created.

3. Enable Log Management

Call the API to enable logging. For more information about the API, see PUT Bucket logging. Note that the destination bucket to store the logs should be in the same region as the source bucket.
Topik sebelumnya: Data ExtractionTopik selanjutnya: Restrictions on Log Management

Bantuan dan Dukungan

Apakah halaman ini membantu?

masukan