Difference between revisions of "Amazon S3 logging"

From wikieduonline
Jump to navigation Jump to search
 
(15 intermediate revisions by the same user not shown)
Line 9: Line 9:
  
  
* [[Terraform resource: aws s3 bucket logging]]
+
* Terraform resource: <code>[[Terraform resource: aws_s3_bucket_logging|aws_s3_bucket_logging]]</code>
 +
* [[CLI]]: <code>[[aws s3api put-bucket-logging]]</code>
  
 +
Limitations:
 +
* The destination bucket must be in the same AWS Region and [[AWS account]] as the source bucket.
 +
* S3 buckets that have [[S3 Object Lock]] enabled can't be used as destination buckets for server access logs
 +
* Your destination bucket must not have a default [[retention period]] configuration.
  
 +
Recomendations:
 +
* we recommend that you use a [[bucket policy]] instead of [[ACLs]].
  
 
== News ==
 
== News ==
 
* [[AWS timeline|Nov 2023]] [[Amazon S3 server access logging now supports automatic date-based partitioning]]
 
* [[AWS timeline|Nov 2023]] [[Amazon S3 server access logging now supports automatic date-based partitioning]]
 +
 +
== Related ==
 +
* [[Logging requests with server access logging]]
 +
* [[Enabling Amazon S3 server access logging]]
 +
* [[AWS S3 Object Lock]]: <code>[[aws s3api put-object-lock-configuration]]</code>
 +
* <code>[[logging.s3.amazonaws.com]]</code>
 +
* Nov 2014 [[New Event Notifications for Amazon S3]]: <code>[[s3_bucket_notification]]</code>
 +
* [[Stealth:S3/ServerAccessLoggingDisabled]]
  
 
== See also ==
 
== See also ==
 +
* {{S3 logs}}
 
* {{S3}}
 
* {{S3}}
  
 
[[Category:AWS S3]]
 
[[Category:AWS S3]]

Latest revision as of 05:40, 20 June 2024

Amazon S3 allows users to enable or disable logging. If enabled, the logs are stored in Amazon S3 buckets which can then be analyzed. These logs contain useful information such as:

  • Date and time of access to requested content
  • Protocol used (HTTP, FTP, etc.)
  • HTTP status codes
  • Turnaround time
  • HTTP request message


Limitations:

  • The destination bucket must be in the same AWS Region and AWS account as the source bucket.
  • S3 buckets that have S3 Object Lock enabled can't be used as destination buckets for server access logs
  • Your destination bucket must not have a default retention period configuration.

Recomendations:

News[edit]

Related[edit]

See also[edit]

Advertising: