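Example: Amazon Monitron log file entries - Amazon Monitron

Starting October 31, 2024, Amazon Monitron is no longer open to new customers. If you would like to use the service, sign up before that date. Existing customers can continue to use the service as normal. For capabilities similar to Amazon Monitron, see our blog post.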


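Example: Amazon Monitron log file entries

A trail is a configuration that delivers events as log files to an Amazon S3 bucket that you specify. CloudTrail log files contain one or more log entries. An event represents a single request from any source and includes information about the requested action, the date and time of the action, the request parameters, and so on. CloudTrail log files are not an ordered stack trace of the public API calls, so they do not appear in any specific order.

The following examples show CloudTrail log entries that illustrate the project deletion (DeleteProject) action.

Successful DeleteProject action

The following example shows what might appear in the CloudTrail log after a successful DeleteProject action.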

{
    "eventVersion": "1.05",
    "userIdentity": {
        "type": "AssumedRole",
        "principalId": "principal ID",
        "arn": "ARN",
        "accountId": "account ID",
        "accessKeyId": "access key ID",
        "sessionContext": {
            "sessionIssuer": {
                "type": "Role",
                "principalId": "principal ID",
                "arn": "ARN",
                "accountId": "account ID",
                "userName": "user name"
            },
            "webIdFederationData": {},
            "attributes": {
                "mfaAuthenticated": "false",
                "creationDate": "timestamp"
            }
        }
    },
    "eventTime": "timestamp",
    "eventSource": "monitron.amazonaws.com",
    "eventName": "DeleteProject",
    "awsRegion": "region",
    "sourceIPAddress": "source IP address",
    "userAgent": "user agent",
    "requestParameters": {
        "Name": "name"
    },
    "responseElements": {
        "Name": "name"
    },
    "requestID": "request ID",
    "eventID": "event ID",
    "readOnly": false,
    "eventType": "AwsApiCall",
    "recipientAccountId": "account ID"
}

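Failed DeleteProject action (authorization error)

The following example shows what might appear in the CloudTrail log after a DeleteProject action fails because of an error. In this example, the error is an authorization error: the user does not have permission to delete the specified project.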

{
    "eventVersion": "1.05",
    "userIdentity": {
        "type": "IAMUser",
        "principalId": "principal ID",
        "arn": "ARN",
        "accountId": "account ID",
        "accessKeyId": "access key ID",
        "userName": "user name",
        "sessionContext": {
            "sessionIssuer": {},
            "webIdFederationData": {},
            "attributes": {
                "mfaAuthenticated": "false",
                "creationDate": "timestamp"
            }
        }
    },
    "eventTime": "timestamp",
    "eventSource": "monitron.amazonaws.com",
    "eventName": "DeleteProject",
    "awsRegion": "region",
    "sourceIPAddress": "source IP address",
    "userAgent": "user agent",
    "errorCode": "AccessDenied",
    "requestParameters": {
        "Name": "name"
    },
    "responseElements": {
        "Message": "User: user ARN is not authorized to perform: monitron:DeleteProject on resource: resource ARN"
    },
    "requestID": "request ID",
    "eventID": "event ID",
    "readOnly": false,
    "eventType": "AwsApiCall",
    "recipientAccountId": "account ID"
}

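Failed DeleteProject action (conflict exception error)

The following example shows what might appear in the CloudTrail log after a DeleteProject action fails because of an error. In this example, the error is a conflict exception: sensors still exist when Amazon Monitron attempts to delete the project.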

{
    "eventVersion": "1.05",
    "userIdentity": {
        "type": "AssumedRole",
        "principalId": "principal ID",
        "arn": "ARN",
        "accountId": "account ID",
        "accessKeyId": "access key ID",
        "sessionContext": {
            "sessionIssuer": {
                "type": "Role",
                "principalId": "principal ID",
                "arn": "ARN",
                "accountId": "account ID",
                "userName": "user name"
            },
            "webIdFederationData": {},
            "attributes": {
                "mfaAuthenticated": "false",
                "creationDate": "timestamp"
            }
        }
    },
    "eventTime": "timestamp",
    "eventSource": "monitron.amazonaws.com",
    "eventName": "DeleteProject",
    "awsRegion": "region",
    "sourceIPAddress": "source IP address",
    "userAgent": "user agent",
    "errorCode": "ConflictException",
    "requestParameters": {
        "Name": "name"
    },
    "responseElements": {
        "message": "This project still has sensors associated to it and cannot be deleted."
    },
    "requestID": "request ID",
    "eventID": "event ID",
    "readOnly": false,
    "eventType": "AwsApiCall",
    "recipientAccountId": "account ID"
}
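
The following Python example is added here and is not part of the AWS documentation. It triages the three kinds of DeleteProject entry shown above from one CloudTrail log file and sorts them by time, since log files are unordered. It assumes the standard top-level "Records" array and ISO 8601 UTC eventTime values; the helper and function names, the sample ARNs and project names, and the review rule (denied attempts, or successful deletions without MFA) are constructed for illustration.

```python
import json

def _rec(time, arn, project, mfa="false", error=None, resp=None):
    """Constructed record holding only the fields this example reads."""
    return {"eventTime": time, "eventSource": "monitron.amazonaws.com",
            "eventName": "DeleteProject", "requestParameters": {"Name": project},
            "userIdentity": {"arn": arn, "sessionContext": {
                "attributes": {"mfaAuthenticated": mfa}}},
            "responseElements": resp, **({"errorCode": error} if error else {})}

# Constructed sample log file (placeholder ARNs and names), deliberately out of time order.
SAMPLE_LOG = json.dumps({"Records": [
    _rec("2024-05-01T10:07:00Z", "arn:aws:sts::111122223333:assumed-role/ops/alice", "plant-a",
         error="ConflictException",
         resp={"message": "This project still has sensors associated to it and cannot be deleted."}),
    _rec("2024-05-01T10:02:00Z", "arn:aws:iam::111122223333:user/bob", "plant-a",
         error="AccessDenied", resp={"Message": "User: user ARN is not authorized to perform: "
                                                 "monitron:DeleteProject on resource: resource ARN"}),
    _rec("2024-05-01T10:30:00Z", "arn:aws:sts::111122223333:assumed-role/ops/alice", "plant-b",
         resp={"Name": "plant-b"}),
    {"eventTime": "2024-05-01T10:05:00Z", "eventSource": "s3.amazonaws.com", "eventName": "GetObject"},
]})

def triage_delete_project(log_text):
    """Return DeleteProject findings from one CloudTrail log file, oldest first."""
    findings = []
    for rec in json.loads(log_text).get("Records", []):
        if (rec.get("eventSource"), rec.get("eventName")) != ("monitron.amazonaws.com", "DeleteProject"):
            continue
        ident = rec.get("userIdentity") or {}
        attrs = (ident.get("sessionContext") or {}).get("attributes") or {}
        resp = rec.get("responseElements") or {}  # can be null
        error = rec.get("errorCode")  # absent when the call succeeded
        outcome = {None: "deleted", "AccessDenied": "denied"}.get(error, "failed")
        mfa = attrs.get("mfaAuthenticated") == "true"  # the log stores a string, not a bool
        findings.append({
            "time": rec.get("eventTime", ""),
            "principal": ident.get("arn"),
            "project": (rec.get("requestParameters") or {}).get("Name"),
            "outcome": outcome, "error": error, "mfa": mfa,
            # The entries above use "Message" for AccessDenied and "message" for ConflictException.
            "detail": resp.get("Message") or resp.get("message"),
            # Flag denied attempts and deletions that succeeded without MFA.
            "review": outcome == "denied" or (outcome == "deleted" and not mfa),
        })
    # Log files are not ordered, so sort on the ISO 8601 UTC eventTime string.
    return sorted(findings, key=lambda f: f["time"])

if __name__ == "__main__":
    print(json.dumps(triage_delete_project(SAMPLE_LOG), indent=2))
```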