Terjemahan disediakan oleh mesin penerjemah. Jika konten terjemahan yang diberikan bertentangan dengan versi bahasa Inggris aslinya, utamakan versi bahasa Inggris.
# CloudTrail contoh file log
CloudTrail memantau acara untuk akun Anda. Jika Anda membuat jejak, itu mengirimkan peristiwa tersebut sebagai file log ke bucket Amazon S3 Anda. Jika Anda membuat penyimpanan data acara di CloudTrail Lake, peristiwa dicatat ke penyimpanan data acara Anda. Penyimpanan data acara tidak menggunakan bucket S3.
**Topics**
+ [CloudTrail format nama file log](#cloudtrail-log-filename-format)
+ [Contoh file log](#cloudtrail-log-file-examples-section)
## CloudTrail format nama file log
CloudTrail menggunakan format nama file berikut untuk objek file log yang dikirimkan ke bucket Amazon S3 Anda:
```
AccountID_CloudTrail_RegionName_YYYYMMDDTHHmmZ_UniqueString.FileNameFormat
```
+ Itu `YYYY``MM`,`DD`,`HH`,, dan `mm` merupakan digit tahun, bulan, hari, jam, dan menit ketika file log dikirim. Jam dalam format 24 jam. `Z`Ini menunjukkan bahwa waktunya dalam UTC.
**catatan**
Berkas log yang dikirimkan pada waktu tertentu dapat berisi catatan yang ditulis kapan pun sebelum waktu tersebut.
+ `UniqueString`Komponen 16 karakter dari nama file log ada untuk mencegah penimpaan file. Tidak memiliki makna, dan perangkat lunak pemroses log harus mengabaikannya.
+ `FileNameFormat`adalah pengkodean file. Saat ini, ini adalah`json.gz`, yang merupakan file teks JSON dalam format gzip terkompresi.
**Contoh Nama File CloudTrail Log**
```
111122223333_CloudTrail_us-east-2_20150801T0210Z_Mu0KsOhtH1ar15ZZ.json.gz
```
## Contoh file log
File log berisi satu atau lebih catatan. Contoh berikut adalah cuplikan log yang menunjukkan catatan untuk tindakan yang memulai pembuatan file log.
Untuk informasi tentang bidang catatan CloudTrail peristiwa, lihat[CloudTrail merekam konten untuk acara manajemen, data, dan aktivitas jaringan](cloudtrail-event-reference-record-contents.md).
**Contents**
+ [Contoh log Amazon EC2](#cloudtrail-log-file-examples-ec2)
+ [Contoh log IAM](#cloudtrail-log-file-examples-iam)
+ [Kode kesalahan dan contoh log pesan](#error-code-and-error-message)
+ [CloudTrail Contoh log peristiwa wawasan](#insights-event-example)
### Contoh log Amazon EC2
Amazon Elastic Compute Cloud (Amazon EC2) menyediakan kapasitas komputasi yang dapat diubah ukurannya dalam format. AWS Cloud Anda dapat meluncurkan server virtual, mengkonfigurasi keamanan dan jaringan, dan mengelola penyimpanan. Amazon EC2 juga dapat meningkatkan atau menurunkan skala dengan cepat untuk menangani perubahan persyaratan atau lonjakan popularitas, sehingga mengurangi kebutuhan Anda untuk memperkirakan lalu lintas server. Untuk informasi selengkapnya, lihat [Panduan Pengguna Amazon EC2](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/).
Contoh berikut menunjukkan bahwa pengguna IAM bernama `Mateo` menjalankan **aws ec2 start-instances** perintah untuk memanggil tindakan Amazon [https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_StartInstances.html](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_StartInstances.html)EC2 untuk `i-EXAMPLE56126103cb` instance dan. `i-EXAMPLEaff4840c22`
```
{"Records": [{
"eventVersion": "1.08",
"userIdentity": {
"type": "IAMUser",
"principalId": "EXAMPLE6E4XEGITWATV6R",
"arn": "arn:aws:iam::123456789012:user/Mateo",
"accountId": "123456789012",
"accessKeyId": "AKIAIOSFODNN7EXAMPLE",
"userName": "Mateo",
"sessionContext": {
"sessionIssuer": {},
"webIdFederationData": {},
"attributes": {
"creationDate": "2023-07-19T21:11:57Z",
"mfaAuthenticated": "false"
}
}
},
"eventTime": "2023-07-19T21:17:28Z",
"eventSource": "ec2.amazonaws.com",
"eventName": "StartInstances",
"awsRegion": "us-east-1",
"sourceIPAddress": "192.0.2.0",
"userAgent": "aws-cli/2.13.5 Python/3.11.4 Linux/4.14.255-314-253.539.amzn2.x86_64 exec-env/CloudShell exe/x86_64.amzn.2 prompt/off command/ec2.start-instances",
"requestParameters": {
"instancesSet": {
"items": [
{
"instanceId": "i-EXAMPLE56126103cb"
},
{
"instanceId": "i-EXAMPLEaff4840c22"
}
]
}
},
"responseElements": {
"requestId": "e4336db0-149f-4a6b-844d-EXAMPLEb9d16",
"instancesSet": {
"items": [
{
"instanceId": "i-EXAMPLEaff4840c22",
"currentState": {
"code": 0,
"name": "pending"
},
"previousState": {
"code": 80,
"name": "stopped"
}
},
{
"instanceId": "i-EXAMPLE56126103cb",
"currentState": {
"code": 0,
"name": "pending"
},
"previousState": {
"code": 80,
"name": "stopped"
}
}
]
}
},
"requestID": "e4336db0-149f-4a6b-844d-EXAMPLEb9d16",
"eventID": "e755e09c-42f9-4c5c-9064-EXAMPLE228c7",
"readOnly": false,
"eventType": "AwsApiCall",
"managementEvent": true,
"recipientAccountId": "123456789012",
"eventCategory": "Management",
"tlsDetails": {
"tlsVersion": "TLSv1.2",
"cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256",
"clientProvidedHostHeader": "ec2.us-east-1.amazonaws.com"
},
"sessionCredentialFromConsole": "true"
}]}
```
Contoh berikut menunjukkan bahwa pengguna IAM bernama `Nikki` menjalankan **aws ec2 stop-instances** perintah untuk memanggil tindakan Amazon [https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_StopInstances.html](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_StopInstances.html)EC2 untuk menghentikan dua instance.
```
{"Records": [{
"eventVersion": "1.08",
"userIdentity": {
"type": "IAMUser",
"principalId": "EXAMPLE6E4XEGITWATV6R",
"arn": "arn:aws:iam::777788889999:user/Nikki",
"accountId": "777788889999",
"accessKeyId": "AKIAI44QH8DHBEXAMPLE",
"userName": "Nikki",
"sessionContext": {
"sessionIssuer": {},
"webIdFederationData": {},
"attributes": {
"creationDate": "2023-07-19T21:11:57Z",
"mfaAuthenticated": "false"
}
}
},
"eventTime": "2023-07-19T21:14:20Z",
"eventSource": "ec2.amazonaws.com",
"eventName": "StopInstances",
"awsRegion": "us-east-1",
"sourceIPAddress": "192.0.2.0",
"userAgent": "aws-cli/2.13.5 Python/3.11.4 Linux/4.14.255-314-253.539.amzn2.x86_64 exec-env/CloudShell exe/x86_64.amzn.2 prompt/off command/ec2.stop-instances",
"requestParameters": {
"instancesSet": {
"items": [
{
"instanceId": "i-EXAMPLE56126103cb"
},
{
"instanceId": "i-EXAMPLEaff4840c22"
}
]
},
"force": false
},
"responseElements": {
"requestId": "c308a950-e43e-444e-afc1-EXAMPLE73e49",
"instancesSet": {
"items": [
{
"instanceId": "i-EXAMPLE56126103cb",
"currentState": {
"code": 64,
"name": "stopping"
},
"previousState": {
"code": 16,
"name": "running"
}
},
{
"instanceId": "i-EXAMPLEaff4840c22",
"currentState": {
"code": 64,
"name": "stopping"
},
"previousState": {
"code": 16,
"name": "running"
}
}
]
}
},
"requestID": "c308a950-e43e-444e-afc1-EXAMPLE73e49",
"eventID": "9357a8cc-a0eb-46a1-b67e-EXAMPLE19b14",
"readOnly": false,
"eventType": "AwsApiCall",
"managementEvent": true,
"recipientAccountId": "777788889999",
"eventCategory": "Management",
"tlsDetails": {
"tlsVersion": "TLSv1.2",
"cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256",
"clientProvidedHostHeader": "ec2.us-east-1.amazonaws.com"
},
"sessionCredentialFromConsole": "true"
}]}
```
Contoh berikut menunjukkan bahwa pengguna IAM bernama `Arnav` menjalankan **aws ec2 create-key-pair** perintah untuk memanggil [https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html)tindakan. Perhatikan bahwa `responseElements` mengandung hash dari key pair dan yang AWS menghapus materi kunci.
```
{"Records": [{
"eventVersion": "1.08",
"userIdentity": {
"type": "IAMUser",
"principalId": "AIDA6ON6E4XEGIEXAMPLE",
"arn": "arn:aws:iam::444455556666:user/Arnav",
"accountId": "444455556666",
"accessKeyId": "AKIAI44QH8DHBEXAMPLE",
"userName": "Arnav",
"sessionContext": {
"sessionIssuer": {},
"webIdFederationData": {},
"attributes": {
"creationDate": "2023-07-19T21:11:57Z",
"mfaAuthenticated": "false"
}
}
},
"eventTime": "2023-07-19T21:19:22Z",
"eventSource": "ec2.amazonaws.com",
"eventName": "CreateKeyPair",
"awsRegion": "us-east-1",
"sourceIPAddress": "192.0.2.0",
"userAgent": "aws-cli/2.13.5 Python/3.11.4 Linux/4.14.255-314-253.539.amzn2.x86_64 exec-env/CloudShell exe/x86_64.amzn.2 prompt/off command/ec2.create-key-pair",
"requestParameters": {
"keyName": "my-key",
"keyType": "rsa",
"keyFormat": "pem"
},
"responseElements": {
"requestId": "9aa4938f-720f-4f4b-9637-EXAMPLE9a196",
"keyName": "my-key",
"keyFingerprint": "1f:51:ae:28:bf:89:e9:d8:1f:25:5d:37:2d:7d:b8:ca:9f:f5:f1:6f",
"keyPairId": "key-abcd12345eEXAMPLE",
"keyMaterial": ""
},
"requestID": "9aa4938f-720f-4f4b-9637-EXAMPLE9a196",
"eventID": "2ae450ff-e72b-4de1-87b0-EXAMPLE5227cb",
"readOnly": false,
"eventType": "AwsApiCall",
"managementEvent": true,
"recipientAccountId": "444455556666",
"eventCategory": "Management",
"tlsDetails": {
"tlsVersion": "TLSv1.2",
"cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256",
"clientProvidedHostHeader": "ec2.us-east-1.amazonaws.com"
},
"sessionCredentialFromConsole": "true"
}]}
```
### Contoh log IAM
AWS Identity and Access Management (IAM) adalah layanan web yang membantu Anda mengontrol akses ke AWS sumber daya dengan aman. Dengan IAM, Anda dapat mengelola izin secara terpusat yang mengendalikan sumber daya AWS yang dapat diakses pengguna. Anda menggunakan IAM untuk mengontrol siapa yang dapat terautentikasi (masuk) dan berwenang (memiliki izin) untuk menggunakan sumber daya. Untuk informasi selengkapnya, lihat [Panduan Pengguna IAM](https://docs.aws.amazon.com/IAM/latest/UserGuide/).
Contoh berikut menunjukkan bahwa pengguna IAM bernama `Mary` menjalankan **aws iam create-user** perintah untuk memanggil [https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateUser.html](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateUser.html)tindakan untuk membuat pengguna baru bernama`Richard`.
```
{"Records": [{
"eventVersion": "1.08",
"userIdentity": {
"type": "IAMUser",
"principalId": "AIDA6ON6E4XEGITEXAMPLE",
"arn": "arn:aws:iam::888888888888:user/Mary",
"accountId": "888888888888",
"accessKeyId": "AKIAIOSFODNN7EXAMPLE",
"userName": "Mary",
"sessionContext": {
"sessionIssuer": {},
"webIdFederationData": {},
"attributes": {
"creationDate": "2023-07-19T21:11:57Z",
"mfaAuthenticated": "false"
}
}
},
"eventTime": "2023-07-19T21:25:09Z",
"eventSource": "iam.amazonaws.com",
"eventName": "CreateUser",
"awsRegion": "us-east-1",
"sourceIPAddress": "192.0.2.0",
"userAgent": "aws-cli/2.13.5 Python/3.11.4 Linux/4.14.255-314-253.539.amzn2.x86_64 exec-env/CloudShell exe/x86_64.amzn.2 prompt/off command/iam.create-user",
"requestParameters": {
"userName": "Richard"
},
"responseElements": {
"user": {
"path": "/",
"arn": "arn:aws:iam::888888888888:user/Richard",
"userId": "AIDA6ON6E4XEP7EXAMPLE",
"createDate": "Jul 19, 2023 9:25:09 PM",
"userName": "Richard"
}
},
"requestID": "2d528c76-329e-410b-9516-EXAMPLE565dc",
"eventID": "ba0801a1-87ec-4d26-be87-EXAMPLE75bbb",
"readOnly": false,
"eventType": "AwsApiCall",
"managementEvent": true,
"recipientAccountId": "888888888888",
"eventCategory": "Management",
"tlsDetails": {
"tlsVersion": "TLSv1.2",
"cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256",
"clientProvidedHostHeader": "iam.amazonaws.com"
},
"sessionCredentialFromConsole": "true"
}]}
```
Contoh berikut menunjukkan bahwa pengguna IAM bernama `Paulo` menjalankan **aws iam add-user-to-group** perintah untuk memanggil [https://docs.aws.amazon.com/IAM/latest/APIReference/API_AddUserToGroup.html](https://docs.aws.amazon.com/IAM/latest/APIReference/API_AddUserToGroup.html)tindakan untuk menambahkan pengguna bernama `Jane` ke `Admin` grup.
```
{"Records": [{
"eventVersion": "1.08",
"userIdentity": {
"type": "IAMUser",
"principalId": "AIDA6ON6E4XEGIEXAMPLE",
"arn": "arn:aws:iam::555555555555:user/Paulo",
"accountId": "555555555555",
"accessKeyId": "AKIAIOSFODNN7EXAMPLE",
"userName": "Paulo",
"sessionContext": {
"sessionIssuer": {},
"webIdFederationData": {},
"attributes": {
"creationDate": "2023-07-19T21:11:57Z",
"mfaAuthenticated": "false"
}
}
},
"eventTime": "2023-07-19T21:25:09Z",
"eventSource": "iam.amazonaws.com",
"eventName": "AddUserToGroup",
"awsRegion": "us-east-1",
"sourceIPAddress": "192.0.2.0",
"userAgent": "aws-cli/2.13.5 Python/3.11.4 Linux/4.14.255-314-253.539.amzn2.x86_64 exec-env/CloudShell exe/x86_64.amzn.2 prompt/off command/iam.add-user-to-group",
"requestParameters": {
"groupName": "Admin",
"userName": "Jane"
},
"responseElements": null,
"requestID": "ecd94349-b36f-44bf-b6f5-EXAMPLE9c463",
"eventID": "2939ba50-1d26-4a5a-83bd-EXAMPLE85850",
"readOnly": false,
"eventType": "AwsApiCall",
"managementEvent": true,
"recipientAccountId": "555555555555",
"eventCategory": "Management",
"tlsDetails": {
"tlsVersion": "TLSv1.2",
"cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256",
"clientProvidedHostHeader": "iam.amazonaws.com"
},
"sessionCredentialFromConsole": "true"
}]}
```
Contoh berikut menunjukkan bahwa pengguna IAM bernama `Saanvi` menjalankan **aws iam create-role** perintah untuk memanggil [https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateRole.html](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateRole.html)tindakan untuk membuat peran.
```
{"Records": [{
"eventVersion": "1.08",
"userIdentity": {
"type": "IAMUser",
"principalId": "AIDA6ON6E4XEGITEXAMPLE",
"arn": "arn:aws:iam::777777777777:user/Saanvi",
"accountId": "777777777777",
"accessKeyId": "AKIAIOSFODNN7EXAMPLE",
"userName": "Saanvi",
"sessionContext": {
"sessionIssuer": {},
"webIdFederationData": {},
"attributes": {
"creationDate": "2023-07-19T21:11:57Z",
"mfaAuthenticated": "false"
}
}
},
"eventTime": "2023-07-19T21:29:12Z",
"eventSource": "iam.amazonaws.com",
"eventName": "CreateRole",
"awsRegion": "us-east-1",
"sourceIPAddress": "192.0.2.0",
"userAgent": "aws-cli/2.13.5 Python/3.11.4 Linux/4.14.255-314-253.539.amzn2.x86_64 exec-env/CloudShell exe/x86_64.amzn.2 prompt/off command/iam.create-role",
"requestParameters": {
"roleName": "TestRole",
"description": "Allows EC2 instances to call AWS services on your behalf.",
"assumeRolePolicyDocument": "{\"Version\":\"2012-10-17\", \"Statement\":[{\"Effect\":\"Allow\",\"Action\":[\"sts:AssumeRole\"],\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]}}]}"
},
"responseElements": {
"role": {
"assumeRolePolicyDocument": "policy-statement",
"arn": "arn:aws:iam::777777777777:role/TestRole",
"roleId": "AROA6ON6E4XEFFEXAMPLE",
"createDate": "Jul 19, 2023 9:29:12 PM",
"roleName": "TestRole",
"path": "/"
}
},
"requestID": "ff38f36e-ebd3-425b-9939-EXAMPLE1bbe",
"eventID": "9da77cd0-493f-4c89-8852-EXAMPLEa887c",
"readOnly": false,
"eventType": "AwsApiCall",
"managementEvent": true,
"recipientAccountId": "777777777777",
"eventCategory": "Management",
"tlsDetails": {
"tlsVersion": "TLSv1.2",
"cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256",
"clientProvidedHostHeader": "iam.amazonaws.com"
},
"sessionCredentialFromConsole": "true"
}]}
```
### Kode kesalahan dan contoh log pesan
Contoh berikut menunjukkan bahwa pengguna IAM bernama `Terry` menjalankan **aws cloudtrail update-trail** perintah untuk memanggil [https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_UpdateTrail.html](https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_UpdateTrail.html)tindakan untuk memperbarui jejak bernama`myTrail2`, tetapi nama jejak tidak ditemukan. Log menunjukkan kesalahan ini di `errorMessage` elemen `errorCode` dan.
```
{"Records": [{
"eventVersion": "1.09",
"userIdentity": {
"type": "IAMUser",
"principalId": "AIDA6ON6E4XEGIEXAMPLE",
"arn": "arn:aws:iam::111122223333:user/Terry",
"accountId": "111122223333",
"accessKeyId": "AKIAIOSFODNN7EXAMPLE",
"userName": "Terry",
"sessionContext": {
"attributes": {
"creationDate": "2023-07-19T21:11:57Z",
"mfaAuthenticated": "false"
}
}
},
"eventTime": "2023-07-19T21:35:03Z",
"eventSource": "cloudtrail.amazonaws.com",
"eventName": "UpdateTrail",
"awsRegion": "us-east-1",
"sourceIPAddress": "192.0.2.0",
"userAgent": "aws-cli/2.13.0 Python/3.11.4 Linux/4.14.255-314-253.539.amzn2.x86_64 exec-env/CloudShell exe/x86_64.amzn.2 prompt/off command/cloudtrail.update-trail",
"errorCode": "TrailNotFoundException",
"errorMessage": "Unknown trail: arn:aws:cloudtrail:us-east-1:111122223333:trail/myTrail2 for the user: 111122223333",
"requestParameters": {
"name": "myTrail2",
"isMultiRegionTrail": true
},
"responseElements": null,
"requestID": "28d2faaf-3319-4649-998d-EXAMPLE72818",
"eventID": "694d604a-d190-4470-8dd1-EXAMPLEe20c1",
"readOnly": false,
"eventType": "AwsApiCall",
"managementEvent": true,
"recipientAccountId": "111122223333",
"eventCategory": "Management",
"tlsDetails": {
"tlsVersion": "TLSv1.2",
"cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256",
"clientProvidedHostHeader": "cloudtrail.us-east-1.amazonaws.com"
},
"sessionCredentialFromConsole": "true"
}]}
```
### CloudTrail Contoh log peristiwa wawasan
Contoh berikut menunjukkan log peristiwa CloudTrail Insights. Peristiwa Insights sebenarnya adalah sepasang peristiwa yang menandai awal dan akhir periode aktivitas API manajemen tulis yang tidak biasa atau aktivitas respons kesalahan. `state`Bidang menunjukkan apakah acara dicatat pada awal atau akhir periode aktivitas yang tidak biasa. Nama acara,`UpdateInstanceInformation`, adalah nama yang sama dengan AWS Systems Manager API yang CloudTrail menganalisis peristiwa manajemen untuk menentukan bahwa aktivitas yang tidak biasa terjadi. Meskipun peristiwa awal dan akhir memiliki `eventID` nilai unik, mereka juga memiliki `sharedEventID` nilai yang digunakan oleh pasangan. Peristiwa Insights menunjukkan`baseline`, atau pola aktivitas normal`insight`, atau rata-rata aktivitas tidak biasa yang memicu peristiwa Wawasan awal, dan pada akhirnya peristiwa, `insight` nilai rata-rata aktivitas yang tidak biasa selama durasi acara Wawasan. Untuk informasi selengkapnya tentang CloudTrail Wawasan, lihat[Bekerja dengan CloudTrail Wawasan](logging-insights-events-with-cloudtrail.md).
```
{
"Records": [{
"eventVersion": "1.08",
"eventTime": "2023-01-02T02:51:00Z",
"awsRegion": "us-east-1",
"eventID": "654a30ff-b0f3-4527-81b6-EXAMPLEf2393",
"eventType": "AwsCloudTrailInsight",
"recipientAccountId": "123456789012",
"sharedEventID": "bcbfc274-8559-4a56-beb0-EXAMPLEa6c34",
"insightDetails": {
"state": "Start",
"eventSource": "ssm.amazonaws.com",
"eventName": "UpdateInstanceInformation",
"insightType": "ApiCallRateInsight",
"insightContext": {
"statistics": {
"baseline": {
"average": 84.410596421
},
"insight": {
"average": 669
}
}
}
},
"eventCategory": "Insight"
},
{
"eventVersion": "1.08",
"eventTime": "2023-01-02T00:22:00Z",
"awsRegion": "us-east-1",
"eventID": "258de2fb-e2a9-4fb5-aeb2-EXAMPLE449a4",
"eventType": "AwsCloudTrailInsight",
"recipientAccountId": "123456789012",
"sharedEventID": "8b74a7bc-d5d3-4d19-9d60-EXAMPLE08b51",
"insightDetails": {
"state": "End",
"eventSource": "ssm.amazonaws.com",
"eventName": "UpdateInstanceInformation",
"insightType": "ApiCallRateInsight",
"insightContext": {
"statistics": {
"baseline": {
"average": 74.156423842
},
"insight": {
"average": 657
},
"insightDuration": 1
}
}
},
"eventCategory": "Insight"
}]
}
```