August 8, 2019 By Mike Lamb 3 min read

Do you have a need to track the Cloud Object Storage (COS) API calls in your IBM Cloud account? Activity Tracker with LogDNA can help.

The IBM Cloud Activity Tracker with LogDNA service provides the framework and functionality to monitor API calls to services on IBM Cloud and produces the evidence to comply with corporate policies and market industry-specific regulations.

IBM Cloud Activity Tracker with LogDNA is made with the following uses in mind:

  • Compliance: Demonstrate that COS buckets and objects were managed according to regulatory standards.
  • Security analytics: See which user activities on your COS buckets and objects failed due to permissions.
  • Resource tracking: Track a COS bucket from creation to deletion.
  • Operational troubleshooting: Identify the most recent changes made to your COS buckets and objects.

By using self-serve access to audit logging for IBM Cloud Object Storage activity (create bucket, list objects, upload object, and more), you can opt-in to the category of audit events to collect and track WHO did WHAT and WHEN on your data. This allows you to find answers to the following questions:

  • What actions did a user take over a time period?
  • For a COS bucket or object, which user has taken action over a time period?
  • What is the resource IP address of a particular activity?

Steps to associate Activity Tracker with your bucket

You can configure the type of audit events on an existing bucket or when the bucket is created by using either the IBM Cloud console or the COS resource configuration API.

Management events will be received for configuration activity on to your bucket (configure CORS, retention, etc.) when an Activity Tracker instance is associated to your bucket.

  1. From the IBM Cloud console, select Resource List from the navigation menu in the left corner and then select Storage in your resource list.
  2. Select the COS service instance. It will take you to the COS console.
  3. Click Create bucket.
  4. Check Activity Tracker for LogDNA.
  5. Choose an Activity Tracker instance or have one created.
  6. Optionally, opt-in to Data events like object read/write accesses.
  7. Click Create bucket.

Note: Activity Tracker can also be associated on an existing bucket in the bucket configuration panel.

Once configured, your buckets audit logs will be available in Activity Tracker.

Optionally, you can also configure Activity Tracker for archiving your audit logs for long-term storage to a COS bucket. See “Track Your Cloud Activities Using IBM Cloud Activity Tracker with LogDNA“ for an overview of the IBM Cloud Activity Tracker with LogDNA capabilities.

To capture global events which include (list buckets, create and delete bucket), create an IBM Cloud Activity Tracker with LogDNA service instance in Frankfurt (eu-de).   

Walking through an example COS event

Jul 30 16:02:22 Cloud Object Storage: create object activity-tracker-test-object-2019-07-30-11-02-09 in bucket activity-tracker-test-bucket-uat-2019-07-30-11-00-03

Who

initiator.name = bluemix_ui_integration_test_1@mailinator.com

initiator.host.address = public, 169.45.118.71 (over the public endpoint from this IP address)

What

action = cloud-object-storage.object.create

target.name = activity-tracker-test-object-2019-07-30-11-02-09

outcome = success

When

eventTime = 2019-07-30T16:02:09+00:00

Great! You have successfully configured Activity Tracker on your bucket to receive COS audit events and learned about what they contain. Now, you can search, chart, and alert on the COS events that are important to you.

Additional resources

 

More from Analytics

In preview now: IBM watsonx BI Assistant is your AI-powered business analyst and advisor

3 min read - The business intelligence (BI) software market is projected to surge to USD 27.9 billion by 2027, yet only 30% of employees use these tools for decision-making. This gap between investment and usage highlights a significant missed opportunity. The primary hurdle in adopting BI tools is their complexity. Traditional BI tools, while powerful, are often too complex and slow for effective decision-making. Business decision-makers need insights tailored to their specific business contexts, not complex dashboards that are difficult to navigate. Organizations…

IBM unveils Data Product Hub to enable organization-wide data sharing and discovery

2 min read - Today, IBM announces Data Product Hub, a data sharing solution which will be generally available in June 2024 to help accelerate enterprises’ data-driven outcomes by streamlining data sharing between internal data producers and data consumers. Often, organizations want to derive value from their data but are hindered by it being inaccessible, sprawled across different sources and tools, and hard to interpret and consume. Current approaches to managing data requests require manual data transformation and delivery, which can be time-consuming and…

A new era in BI: Overcoming low adoption to make smart decisions accessible for all

5 min read - Organizations today are both empowered and overwhelmed by data. This paradox lies at the heart of modern business strategy: while there's an unprecedented amount of data available, unlocking actionable insights requires more than access to numbers. The push to enhance productivity, use resources wisely, and boost sustainability through data-driven decision-making is stronger than ever. Yet, the low adoption rates of business intelligence (BI) tools present a significant hurdle. According to Gartner, although the number of employees that use analytics and…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters