检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Can Logs Stored in LTS Be Used for Security Compliance Audit? What Are the Recommended Scenarios for Using LTS? What Are the Advantages of LTS Compared with Self-built ELK Stack?
Can Logs Stored in LTS Be Used for Security Compliance Audit? What Are the Recommended Scenarios for Using LTS? What Are the Advantages of LTS Compared with Self-built ELK Stack? Log Management What Do I Do If I Encounter a Problem with LTS Cold Storage?
Can Logs Stored in LTS Be Used for Security Compliance Audit? Yes. LTS protects logs reported to it from being modified and tampered with. You can store logs in LTS for a long time and query them at any time for security compliance audit.
Auditing and Logs CTS is a log audit service for Huawei Cloud security. It allows you to collect, store, and query cloud resource operation records. You can use these records to perform security analysis, audit compliance, trace resource changes, and locate faults.
DDS Audit Log Center Log in to the LTS console. In the navigation pane, choose Dashboards. Choose DDS dashboard templates under Dashboard Templates and click DDS audit log center to view the chart details. Filter by operation type.
Security: records events related to system security, such as login attempts, permission changes, and audit policy triggers. Startup: records events that occur during Windows OS startup.
The DCS audit log center dashboard displays charts such as the number of access users, access clients, and audit logs. Prerequisites Logs have been structured. For details, see Setting Cloud Structuring Parsing. DCS Audit Log Center Log in to the LTS console.
Enabling CTS to Record LTS Operations Cloud Trace Service (CTS) is a professional log audit service for Huawei Cloud security solutions. It enables you to collect, store, and query resource operation records (traces).
The associated query and analysis statement is: select distinct("userAgent") Total Audit Records.
It protects Internet and VPC borders on the cloud by real-time intrusion detection and prevention, global unified access control, full traffic analysis, log audit, and tracing.
Security: records events related to system security, such as login attempts, permission changes, and audit policy triggers. Startup: records events that occur during Windows OS startup.
Security: records events related to system security, such as login attempts, permission changes, and audit policy triggers. Startup: records events that occur during Windows OS startup.
No No APIG DCS audit logs Defined by DCS. No No DCS_AUDIT TOMCAT Defined by Tomcat. No No TOMCAT NGINX Defined by Nginx. No No NGINX GAUSSV5 audit logs Defined by GAUSSV5. No No GAUSSDB_OPENGAUSS_AUDIT DDS audit logs Defined by DDS. No No DDS_AUDIT DDS error logs Defined by DDS.
No No APIG DCS audit logs Defined by DCS. No No DCS_AUDIT TOMCAT Defined by Tomcat. No No TOMCAT NGINX Defined by Nginx. No No NGINX GAUSSV5 audit logs Defined by GAUSSV5. No No GAUSSDB_OPENGAUSS_AUDIT DDS audit logs Defined by DDS. No No DDS_AUDIT DDS error logs Defined by DDS.
For details, see Interconnecting with LTS and Querying Database Audit Logs. Parent topic: Ingesting Cloud Service Logs to LTS
Querying Real-Time LTS Traces Overview CTS can record operations (traces) related to LTS for query, audit, and backtracking. After you enable CTS, the system starts to record LTS operations. CTS stores operation records from the last seven days.
Replication Service Access logs Ingesting DRS Logs to LTS - DWS Data Warehouse Service CN logs DN logs OS messages logs Audit logs Ingesting GaussDB(DWS) Logs to LTS - ECS Elastic Cloud Server All logs (text logs collected by ICAgent) Ingesting ECS Text Logs to LTS - ELB Elastic
Table 1 Relationships with other services Interaction Related Service With Cloud Trace Service (CTS), you can record operations associated with LTS for future query, audit, and backtracking.
To meet security audit or operations analysis requirements, the security compliance or operations department at a group company can use the multi-account log center to aggregate key logs from various departments and accounts to one log account.
Application Scenarios Scenario 1: Application O&M Enterprises often encounter the following pain points when collecting logs for routine O&M, audit, or security compliance: They need to collect complex and massive logs from many departments.
