Cloud Trace Service (CTS) helps you collect, store, and query operation records (traces) on cloud services for security analysis, compliance auditing, resource tracking, and fault locating.
- Trace Recording
Logs operations performed on the console or triggered by APIs and system calls.
- Trace Query
Searches for operation records of the last seven days on the console from multiple dimensions, such as trace type, trace source, resource type, filter, operator, and trace status.
- Trace Transfer
Periodically compresses traces into trace files by service and sends them to Object Storage Service (OBS) buckets.
- Trace File Encryption
Secures trace files using keys provided by Data Encryption Workshop (DEW) during transfer.
Tracker
A tracker is automatically created when you enable CTS. It identifies and associates with all cloud services your tenant account is using, and records all your operations.
Trace
These are operation records captured and stored by CTS. View traces to identify when and what operations were performed by which users.
There are two types of traces. Management traces are operation records reported by cloud services, whereas data traces are read/write operation records reported by OBS.
Trace File
This is a collection of traces. CTS generates trace files by service and transfer cycle, then transfers these files to your specified OBS bucket for storage. In most cases, all traces of a service generated in a transfer cycle are compressed into one trace file. However, if there are a large number of traces, CTS will adjust the number of traces contained in each trace file.
Trace File Integrity Verification
During a security audit, operation records cannot serve as evidence if they have been deleted or tampered with. The integrity verification function in CTS ensures the authenticity of trace files.