Public Cloud – Flexible Engine

Cloud Trace Service (CTS) – query, audit and backtrack operation log, and store traces in OBS buckets with high reliability and low cost

[Features – Management and Deployment]

Get operation log on cloud service resources with CTS

CTS record all traces that are triggered by open APIs and Console from every cloud service that’s integrated with CTS. 

  • In the architecture diagram above, we have three main. The third-party services record operations to Cloud Trace Service, e.g. when you create a ECS server, it will record the create operation to CTS server.
  • CTS server will store the trace files to your OBS buckets, if there is new resource operations.
  • Tenant can search and view the traces on the console of CTS.

CTS provide records of operations on cloud service resources. It also provides the trace list and query by filters, and delivers trace files containing operation records to the OBS buckets for tenant’s analysis.

There are three major features in CTS:

Tracker management

The tenant of cloud service can open CTS by creating a tracker, OBS bucket and the prefix of trace files are required for a tracker. Every tracker can be modified, deleted, viewed, started or stopped.

View and Search Trace

In order to view and search trace, CTS provide this feature for tenant to search trace by default search condition and customized filter on CTS console, supported filters include trace period, trace source, operator, trace status.

Store trace record to OBS

Generally the operation records will be saved in CTS for 7 days after the operation being recorded, and will be stored permanently in OBS periodically, so CTS provide this feature to execute transfer job.

With Using CTS, you can:

  • Record operations on resources.
  • Create and manage trackers.
  • View and search the trace list.
  • Search traces by filters.
  • Transfer trace files to the OBS buckets periodically for archiving.
  • Set prefixes for trace files delivered to the OBS buckets.

Benefits

Real-Time Trace Collection

CTS quickly collects generated traces. After a resource request (include create/change/delete) operation is performed, tenant can view the generated trace on the CTS console.

Full trace tracking

Traces generated by CTS record operations performed on the public cloud management console, calls made using the open APIs, and internal actions triggered in the public cloud system. The traces also record the operation results.

High Reliability and Low Cost

CTS can combine traces to periodically generate trace files. The trace files can be delivered to an OBS bucket, providing high availability and enabling the files to be stored for a long time period at low cost.

Scenarios

There are three general-purpose scenarios for CTS:

Security analysis

Traces generated by CTS record tenant who perform operations, the time when operations are performed, and IP addresses used to perform operations. You can use the information to conduct security analysis.

Operation troubleshooting

Traces generated by CTS record the causes of failed operations, using which you can troubleshoot operation faults. For example, you will fail to create an ECS if you delete the system disk during creation.

Resource change tracing

Traces generated by CTS record resource changes and the results. You can track the resource use using the records.

Compliance audit

CTS provides operation records and the operation query capability, and helps financial and payment enterprises pass authentications, such as PCI DSS.

Characteristics

There are three major kinds of functions provided by Cloud Trade Service:

Tracker management

Creating / Modifying / Editing / Deleting / Starting / Stopping tracker.

View and Search Trace

Viewing the trace list and search traces by multiple filters, which are generated within seven days.

Store trace record to OBS

CTS will check for new trace periodically and upload it to tenant’s OBS bucket and grant rights for tenant’s bucket. 

The available service including: Elastic Cloud Server, Auto-Scaling, Image Management Service, Bare Metal Server, Cloud Container Engine, Identity & Access Management, Virtual Private Cloud, Elastic Load Balancer, Direct Connect, Cloud Eye Service, Cloud Trace Service, Simple Message Notification, Volume Backup Service, Relational Database Service, Anto-DDoS, Map Reduce Service.

Limitations

The tenant can create only one tracker in a region.

Billing

CTS is free, but tenant need to pay for OBS buckets fee. Tenant can refer to the standard of OBS charge provided by OBS service.

porta. quis, libero id, Phasellus non