Облачная платформаAdvanced

Access Logging

Язык статьи: Английский
Перевести

Scenarios

The requests sent to DNS Resolver are logged in detail, such as the time when a request was sent, client IP address, request path, and server response.

Constraints

To enable access logging, you need to interconnect DNS with LTS and create a log group and a log stream on the LTS console. For details, see the Log Tank Service User Guide.

Configuring LTS

  1. Create a log group.

    1. Log in to the management console.
    2. In the upper left corner of the page, click and choose Management & Governance > Log Tank Service.
    3. Click in the upper left corner and select the desired region and project.
    1. In the navigation pane on the left, choose Log Management.
    2. Click Create Log Group. On the displayed page, configure the log group name, enterprise project, log retention duration (days), tags, and remarks as prompted.
    1. Click OK.

  2. Create a log stream.

    1. On the LTS console, click on the left of the target log group.
    2. Click Create Log Stream. On the displayed page, configure the log stream name, enterprise project, log storage, log retention duration, tags, and remarks as prompted.
    3. Confirm the settings and click OK.

Configuring Access Logging

  1. Log in to the management console.
  2. Click in the upper left corner of the page and choose Networking > Domain Name Service.
  3. Click in the upper left corner and select the desired region and project.
  4. In the navigation pane on the left, choose Resolvers.
  5. Click the Access Logs tab.
  6. Click Configure Access Logging. On the displayed page, select a log group, log stream, and VPC as prompted.
  1. Click OK.

Viewing Access Logs

  1. Log in to the management console.
  2. Click in the upper left corner of the page and choose Networking > Domain Name Service.
  3. Click in the upper left corner and select the desired region and project.
  4. In the navigation pane on the left, choose Resolvers.
  5. Click the Access Logs tab.
  6. In the access log list, locate the target access log and click View Log Details.

    On the displayed page, view the information about the log group and log stream.

  7. Click the name of the log stream and view its details.

    The following is an example log. For details about the fields in the log, see Table 1. The log format cannot be modified.

    {
        "content": "2025-11-18 15:48:02.392 spark-api-knowledge.cn-example-1.xf-yun.com. A NOERROR UDP region-example CNAME_hb-kaicp.xf-example.com.|A_123.57.86.182|A_8.140.35.16|A_123.56.17.44|A_39.105.54.181|A_101.200.158.58|A_123.57.26.93 192.168.0.141 d3b08f84-12ef-411f-8eae-5c2726f42c14",
        "Answer": "CNAME_hb-kaicp.xf-example.com.|A_123.57.86.182|A_8.140.35.16|A_123.56.17.44|A_39.105.54.181|A_101.200.158.58|A_123.57.26.93",
        "Client": "192.168.0.141",
        "DNS-Region": "region-example",
        "Protocol": "UDP",
        "QueryName": "spark-api-knowledge.cn-example-1.xf-yun.com.",
        "QueryType": "A",
        "Rcode": "NOERROR",
        "Time": "2025-11-18 15:48:02.392",
        "VpcId": "d3b08f84-12ef-411f-8eae-5c2726f42c14",
        "_resource_id": "d3b08f84-12ef-411f-8eae-5c2726f42c14",
        "_resource_name": "d3b08f84-12ef-411f-8eae-5c2726f42c14",
        "_service_type": "DNS",
        "category": "LTS",
        "collectTime": 1763452083412
    }
    Table 1 Fields in a DNS Resolver access log

    Field

    Description

    Example Value

    content

    DNS Resolver access logs

    2025-11-18 15:48:02.392 spark-api-knowledge.cn-example-1.xf-yun.com. A NOERROR UDP region-example CNAME_hb-kaicp.xf-example.com.|A_123.57.86.182|A_8.140.35.16|A_123.56.17.44|A_39.105.54.181|A_101.200.158.58|A_123.57.26.93 192.168.0.141 d3b08f84-12ef-411f-8eae-5c2726f42c14

    Answer

    Response

    CNAME_hb-kaicp.xf-example.com.|A_123.57.86.182|A_8.140.35.16|A_123.56.17.44|A_39.105.54.181|A_101.200.158.58|A_123.57.26.93

    Client

    Client

    192.168.0.141

    DNS-Region

    Region

    region-example

    Protocol

    Protocol

    UDP

    QueryName

    Domain name to be resolved

    spark-api-knowledge.cn-example-1.xf-yun.com.

    QueryType

    Record set type

    A

    Rcode

    Response code

    NOERROR

    Time

    Time

    2025-11-18 15:48:02.392

    VpcId

    VPC ID

    d3b08f84-12ef-411f-8eae-5c2726f42c14

    _resource_id

    Resource ID

    d3b08f84-12ef-411f-8eae-5c2726f42c14

    _resource_name

    Resource name

    d3b08f84-12ef-411f-8eae-5c2726f42c14

    _service_type

    Service for which access logs are collected

    DNS

    category

    Log category

    LTS

    collectTime

    LTS log collection time

    1763452083412

Configuring Log Transfer

If you want to analyze access logs later, transfer the logs to OBS for storage.

  1. Log in to the management console.
  2. In the upper left corner of the page, click and choose Management & Governance > Log Tank Service.
  3. Click in the upper left corner and select the desired region and project.
  1. In the navigation pane on the left, choose Log Transfer.
  2. In the upper right corner of the Log Transfer page, click Configure Log Transfer.
  1. Configure log transfer and other parameters as required. For details, see Transferring Logs to OBS.
  2. Click OK.
Предыдущая статья
Viewing Traces
Следующая статья
Quota Adjustment
Поддержка Юридические документы Политика конфиденциальности
© 2026 Cloud.ru