11.2. Monitoring Logs

11.2.1. Service Menu Overview

This menu provides functions for customer-operation log acquisition, search/view, and transfer setting, with respect to Enterprise Cloud 2.0.
This function serves to deal with audit, for example, handling PCI DSS of a customer system and to quickly solve a problem when it occurs.

11.2.2. List of Functions


Functions

Details

Log acquisition

Logs regarding such Enterprise Cloud 2.0 portal and Enterprise Cloud 2.0 API-use operations for various resources as creation, deletion, reference, and update are acquired. Log acquisition is automatically started, following tenant creation regarding the target region.

Log search/view

A customer can search for and view acquired logs with portal or API. (Logs for the past 365 days) For search, conditions for search can be specified.

Log transfer

With the portal or API, a customer can make settings for transferring acquired logs to desired Google BigQuery. For log transfer, up to five BigQuery settings can be made per tenant. For the setting method, refer to the tutorial. A customer is expected to prepare Google BigQuery beforehand.

API

This menu provides API. With API, a customer can search for and view acquired logs and make transfer settings. Log search conditions and search target period can be specified as parameters of API.


11.2.3. Description of Functions

11.2.3.1. Log types

This menu allows to acquire the following types of logs:

Operation log

This log records operations executed with the portal or API to allow to check who performed which operations when at tenants.

Creating a virtual server through Enterprise Cloud 2.0 portal Transmitting API for virtual server creation


11.2.3.2. Acquisition target menu


  • Common Functions

    • Deployment Manager
  • Server

    • Baremetal Server

    • Virtual Server

  • Storage Plane

    • Block Storage (Provisioned I/O Performance)

    • FileStorage(Premium)

    • File Storage(Standard)

  • Network

    • Logical Network

    • Internet Connectivity

    • Firewall (Brocade 5600 vRouter) *Stop of new sales on July 1, 2017

    • Load Balancer(NetScaler VPX)

    • VPN Gateway

  • SD-Exchange
    • Colocation Inter-Connectivity (CIC)

    • Enterprise Cloud 1.0 Inter-Connectivity (EIC)

    • Enterprise Cloud 2.0 Inter-Connectivity

    • Enterprise Cloud 2.0 Inter-Connectivity (Network-sharing type)

    • Amazon Web Services Inter-Connectivity

    • Google Cloud Platform Inter-Connectivity

    • DC Inter-Connectivity

  • Dedicated hypervisor

    • vSphere
    • Hyper-V
    • Guest image

  • Middleware

    • SAP HANA
    • HULFT
    • Arcserve
    • Veeam
  • Platform Service
    • FastDNS
    • WebRTC Platform SkyWay
    • Power Systems
    • Hybrid Cloud with Microsoft Azure
    • Rancher(Docker Container Management)

    • Global Server Load Balance
  • Management

    • Monitoring

    • Monitoring Logs


11.2.3.3. Log format

The items to be shown for a log search result are as follows:

Category

Item

Description

Log message information

Operation ID

Unique log ID

Request information

Acceptance time

API request occurrence time (Time of log reception by a log acquisition facility)

 

Method

HTTP method regarding an API request

 

Host

Host regarding an API request

 

Path

Path regarding an API request

 

Query parameter

Query parameter regarding an API request

 

Body

Body regarding an API request

 

ECL transaction ID

Sequential operation-relating ID

 

Via a dashboard

Operation via a dashboard or not

Response information

Occurrence time

API response occurrence time

 

Status code

HTTP status code regarding an API response

API call source information

ECL user ID

Enterprise Cloud 2.0 user ID

 

API call source IP

Source IP address regarding an API request

 

User agent

User agent of a client who called API

Other information

Region

Currently used region

 

Tenant ID

Enterprise Cloud 2.0 tenant ID


The log format of a log transfer destination is as follows:
No

Column name

 

Description

Example: Case of create server API of a virtual server

1 uuid  
ID which uniquely identifies an API request
All API responses are assigned an HTTP header “ECL-Transaction-ID:” having “uuid” put as a value. Using this uuid enables to link a log in BigQuery with executed API.
0cc4370d-6c76-4706-b323-0d0172d7b0f1
2 timestamp  

Time when an API request reached NTT Communications. UTC is used for the display.

2018-04-11 04:55:54.000 UTC
3 tenant_id  

Tenant ID to which an operation-target resource belongs

5b68aa5120da4947b400f087063c9189
4 region  

Tenant region to which an operation-target resource belongs

jp2
5 audit      
6   ecl_transaction_id

Time when an API response was returned to the customer UTC is used for the display.

0cc4370d-6c76-4706-b323-0d0172d7b0f1
7   response_timestamp

Time when an API response was returned to the customer UTC is used for the display.

2018-04-11 04:55:55.000 UTC
8   request_timestamp

Time when an API request reached NTT Communications. UTC is used for the display. Same as of timestamp

2018-04-11 04:55:54.000 UTC
9   source_ip_address
Connection source IP address of a client who sent an API request
This is used as the IP address of Enterprise Cloud 2.0 portal in the case of access through Enterprise Cloud 2.0 portal.
203.0.113.50
10   is_dashboard

Flag for identifying access through Enterprise Cloud 2.0 portal This becomes true in the case of operations through Enterprise Cloud 2.0 portal.

true
11   user_agent

User agent of a client who sent an API request

curl-NativeAPI
12   username

User ID of Enterprise Cloud 2.0.

ecid0000000000@ecl.ntt.com
13   host

Host portion of an API end point

nova-jp2-ecl.lab.api.ntt.com
14   path

Request path of API

/v2/5b68aa5120da4947b400f087063c9189/servers
15   method

Request method of API

POST
16   query

Query parameter of API

null
17   request_body

Request body of API

{“server”: {“name”: “example-server1”, “imageRef”: “df1944a7-ca45-4709-9ec6-e31664133650”, “availability_zone”: “zone1_groupb”, “flavorRef”: “1CPU-4GB”, “max_count”: 1, “min_count”: 1, “networks”: [{“uuid”: “b792325f-78bc-44e7-9cf2-98d413b705e7”}], “metadata”: {“vmha”: “true”}}}
18   status_code

Response record of API

202


11.2.4. Terms And Conditions

11.2.4.1. View privilege

All users who can use tenants are allowed to view monitoring logs.
If intending to impose restrictions on the view privilege, refer to the tutorial of IAM.

11.2.4.2. Region

JP2

11.2.5. Pricing

11.2.5.1. Initial Fee

There is no initial fee required in this menu.

11.2.5.2. Monthly Fees

No monthly charge is required for the Monitoring-Logs menu,
Customer’s Google BigQuery which is a log transfer destination is charged.

11.2.6. Quality of Service

11.2.6.1. Support Coverage

As for this menu, only inquiries about the specifications of the individual functions described in the function list are supported.

11.2.6.2. SLA

This menu is not subject to SLA.

11.2.7. Restrictions

  • Note that the log transfer amount cannot be restricted whereas the log transfer amount changes depending on the change of frequency of portal operations or API executions by a customer.

  • Since logs are stored with a delay, if you can not retrieve the expected logs, wait for a while and search again.

  • Some functions can not be used if the screen is opened by multiple tabs in the browser.

  • When performing Enterprise Cloud 2.0 API operations, use id to specify a tenant at the time of authentication with keystone. If name is used to specify, log acquisition fails.

  • If a data set is deleted during log transfer settings, log transfer is stopped. To resume the log transfer, create a data set again and make transfer settings.

  • Duplication of transfer of the same log may occur infrequently for reasons such as a malfunction. To avoid duplication and extract logs with Google BigQuery, operations with SQL are needed. For details, refer to FAQ.

  • Log missing can occur depending on factors such as rapid increase of load of the shared environment and maintenance works.

  • If personnel of NTT Communications accesses resources of a customer tenant for the purpose of service operations, the corresponding logs may be left. If any suspicious logs are present, contact NTT Communications.

  • Logs on the platform of NTT Communications are encrypted at the time of transfer and storage. Also, a transfer destination Google BigQuery is encrypted in accordance with the specifications below: https://cloud.google.com/bigquery/