IBM Cloud Activity Tracker with LogDNA for IBM Cloud Object Storage

3 min read

Do you have a need to track the Cloud Object Storage (COS) API calls in your IBM Cloud account? Activity Tracker with LogDNA can help.

The IBM Cloud Activity Tracker with LogDNA service provides the framework and functionality to monitor API calls to services on IBM Cloud and produces the evidence to comply with corporate policies and market industry-specific regulations.

IBM Cloud Activity Tracker with LogDNA is made with the following uses in mind:

  • Compliance: Demonstrate that COS buckets and objects were managed according to regulatory standards.
  • Security analytics: See which user activities on your COS buckets and objects failed due to permissions.
  • Resource tracking: Track a COS bucket from creation to deletion.
  • Operational troubleshooting: Identify the most recent changes made to your COS buckets and objects.

By using self-serve access to audit logging for IBM Cloud Object Storage activity (create bucket, list objects, upload object, and more), you can opt-in to the category of audit events to collect and track WHO did WHAT and WHEN on your data. This allows you to find answers to the following questions:

  • What actions did a user take over a time period?
  • For a COS bucket or object, which user has taken action over a time period?
  • What is the resource IP address of a particular activity?

Steps to associate Activity Tracker with your bucket

You can configure the type of audit events on an existing bucket or when the bucket is created by using either the IBM Cloud console or the COS resource configuration API.

Management events will be received for configuration activity on to your bucket (configure CORS, retention, etc.) when an Activity Tracker instance is associated to your bucket.

  1. From the IBM Cloud console, select Resource List from the navigation menu in the left corner and then select Storage in your resource list.
  2. Select the COS service instance. It will take you to the COS console.
  3. Click Create bucket.
  4. Check Activity Tracker for LogDNA.
  5. Choose an Activity Tracker instance or have one created.
  6. Optionally, opt-in to Data events like object read/write accesses.
  7. Click Create bucket.
Steps to associate Activity Tracker with your bucket

Note: Activity Tracker can also be associated on an existing bucket in the bucket configuration panel.

Once configured, your buckets audit logs will be available in Activity Tracker.

Optionally, you can also configure Activity Tracker for archiving your audit logs for long-term storage to a COS bucket. See “Track Your Cloud Activities Using IBM Cloud Activity Tracker with LogDNA“ for an overview of the IBM Cloud Activity Tracker with LogDNA capabilities.

To capture global events which include (list buckets, create and delete bucket), create an IBM Cloud Activity Tracker with LogDNA service instance in Frankfurt (eu-de).   

Walking through an example COS event

Jul 30 16:02:22 Cloud Object Storage: create object activity-tracker-test-object-2019-07-30-11-02-09 in bucket activity-tracker-test-bucket-uat-2019-07-30-11-00-03
Walk through an example COS event

Who

initiator.name = bluemix_ui_integration_test_1@mailinator.com

initiator.host.address = public, 169.45.118.71 (over the public endpoint from this IP address)

What

action = cloud-object-storage.object.create

target.name = activity-tracker-test-object-2019-07-30-11-02-09

outcome = success

When

eventTime = 2019-07-30T16:02:09+00:00

Great! You have successfully configured Activity Tracker on your bucket to receive COS audit events and learned about what they contain. Now, you can search, chart, and alert on the COS events that are important to you.

Additional resources

 

Be the first to hear about news, product updates, and innovation from IBM Cloud