Cloud Trace Service (CTS)

Cloud Trace Service (CTS) provides records of requests for performing operations on cloud service resources and the request results for you to query, audit, and backtrack operations. You can store operation records in Object Storage Service (OBS) buckets in real time.

You can use CTS for free and only pay for storing operation records in OBS buckets.

Product Advantages

CTS

Traditional IT Audit

IT Environment

CTS: CTS records all changes to cloud resources and operations of all personnel systematically and in real time.

Traditional IT Audit: System configuration changes are recorded manually after they have occurred.

Access Security

CTS: CTS systematically records your operations on the management console as well as API calls in real time, helping you in problem query, analysis, and locating.

Traditional IT Audit: A standard auditing procedure cannot be strictly followed, and operations (such as illegal operations on servers, routers, databases, and OSs) as well as API calls cannot be recorded in real time and audited.

Data Security

CTS: You can detect data leak by collecting and checking active data of the OBS objects which you can obtain from the object-level API traces recorded by CTS.

Traditional IT Audit: Check who have access to your data through which software.

IT Management and Control

CTS: CTS can combine operation records periodically to generate trace files and deliver them to OBS buckets for storage, enabling you to store highly available operation records at a low cost for a long time.

Traditional IT Audit: Operations are mostly recorded and audited manually.

Product Architecture

Working Mechanism

2

Perform operations on resources of other services during trial use.

3

CTS records operations and provides convenient query functions.

4

CTS delivers operation records to OBS buckets for storage or triggers notifications.

Application Scenarios

Security Analysis

A trace generated by CTS records the user who performs the operation, the time when the operation is performed, and the IP address used to perform the operation. You can use the key information to conduct security analysis.

Operation Fault Handling

Traces generated by CTS record the causes of failed operations, which can help you troubleshoot operation faults. For example, if you delete the system disk when you create an ECS, the ECS fails to create.

Resource Change Tracking

Each trace generated by CTS records a resource change and the change result, using which you can measure and track resource use.

Compliance Audit

CTS provides operation records and the operation query capability, and helps financial and payment enterprises pass authentications, such as PCI-DSS.

Function Description

Trace Recording

CTS can record operation requests for cloud service resources from the public cloud management console and open APIs and the result of each request.

Trace Management

You can enable CTS by creating a tracker and all operations recorded by the system will be associated with the tracker.

Multi-dimensional Trace Query

CTS allows you to query traces by trace source, trace name, trace type, resource ID, and time range.

Trace Dumping

CTS periodically generates trace files based on the number of operations performed and automatically delivers the trace files to an OBS bucket.

Registration