11.2. Monitoring Logs

11.2.1. Service Menu Overview

This menu provides functions for customer-operation log acquisition, search/view, and transfer setting, with respect to Enterprise Cloud 2.0.
This function serves to deal with audit, for example, handling PCI DSS of a customer system and to quickly solve a problem when it occurs.

11.2.2. List of Functions



Log acquisition

Logs regarding such Enterprise Cloud 2.0 portal and Enterprise Cloud 2.0 API-use operations for various resources as creation, deletion, reference, and update are acquired. Log acquisition is automatically started, following tenant creation regarding the target region.

Log search/view

A customer can search for and view acquired logs with portal or API. (Logs for the past 365 days) For search, conditions for search can be specified.

Log transfer

With the portal or API, a customer can make settings for transferring acquired logs to desired Google BigQuery. For log transfer, up to five BigQuery settings can be made per tenant. For the setting method, refer to the tutorial. A customer is expected to prepare Google BigQuery beforehand.


This menu provides API. With API, a customer can search for and view acquired logs and make transfer settings. Log search conditions and search target period can be specified as parameters of API.

11.2.3. Description of Functions Log types

This menu allows to acquire the following types of logs:

Operation log

This log records operations executed with the portal or API to allow to check who performed which operations when at tenants.

Creating a virtual server through Enterprise Cloud 2.0 portal Transmitting API for virtual server creation Acquisition target menu

  • Common Functions

    • Deployment Manager
  • Server

    • Baremetal Server

    • Virtual Server

  • Storage Plane

    • Block Storage (Provisioned I/O Performance)

    • FileStorage(Premium)

    • File Storage(Standard)

  • Network

    • Logical Network

    • Internet Connectivity

    • Firewall (Brocade 5600 vRouter) *Stop of new sales on July 1, 2017

    • Load Balancer(NetScaler VPX)

    • VPN Gateway

  • SD-Exchange
    • Colocation Inter-Connectivity (CIC)

    • Enterprise Cloud 1.0 Inter-Connectivity (EIC)

    • Enterprise Cloud 2.0 Inter-Connectivity

    • Enterprise Cloud 2.0 Inter-Connectivity (Network-sharing type)

    • Amazon Web Services Inter-Connectivity

    • Google Cloud Platform Inter-Connectivity

    • DC Inter-Connectivity

  • Dedicated hypervisor

    • vSphere
    • Hyper-V
    • Guest image

  • Middleware

    • SAP HANA
    • HULFT
    • Arcserve
    • Veeam
  • Platform Service
    • FastDNS
    • WebRTC Platform SkyWay
    • Power Systems
    • Hybrid Cloud with Microsoft Azure
    • Rancher(Docker Container Management)

    • Global Server Load Balance
  • Management

    • Monitoring

    • Monitoring Logs Log format

The items to be shown for a log search result are as follows:




Log message information

Operation ID

Unique log ID

Request information

Acceptance time

API request occurrence time (Time of log reception by a log acquisition facility)



HTTP method regarding an API request



Host regarding an API request



Path regarding an API request


Query parameter

Query parameter regarding an API request



Body regarding an API request


ECL transaction ID

Sequential operation-relating ID


Via a dashboard

Operation via a dashboard or not

Response information

Occurrence time

API response occurrence time


Status code

HTTP status code regarding an API response

API call source information

ECL user ID

Enterprise Cloud 2.0 user ID


API call source IP

Source IP address regarding an API request


User agent

User agent of a client who called API

Other information


Currently used region


Tenant ID

Enterprise Cloud 2.0 tenant ID

The log format of a log transfer destination is as follows:

Column name



Example: Case of create server API of a virtual server

1 uuid  
ID which uniquely identifies an API request
All API responses are assigned an HTTP header “ECL-Transaction-ID:” having “uuid” put as a value. Using this uuid enables to link a log in BigQuery with executed API.
2 timestamp  

Time when an API request reached Service Provider. UTC is used for the display.

2018-04-11 04:55:54.000 UTC
3 tenant_id  

Tenant ID to which an operation-target resource belongs

4 region  

Tenant region to which an operation-target resource belongs

5 audit      
6   ecl_transaction_id

Time when an API response was returned to the customer UTC is used for the display.

7   response_timestamp

Time when an API response was returned to the customer UTC is used for the display.

2018-04-11 04:55:55.000 UTC
8   request_timestamp

Time when an API request reached Service Provider. UTC is used for the display. Same as of timestamp

2018-04-11 04:55:54.000 UTC
9   source_ip_address
Connection source IP address of a client who sent an API request
This is used as the IP address of Enterprise Cloud 2.0 portal in the case of access through Enterprise Cloud 2.0 portal.
10   is_dashboard

Flag for identifying access through Enterprise Cloud 2.0 portal This becomes true in the case of operations through Enterprise Cloud 2.0 portal.

11   user_agent

User agent of a client who sent an API request

12   username

User ID of Enterprise Cloud 2.0.

13   host

Host portion of an API end point

14   path

Request path of API

15   method

Request method of API

16   query

Query parameter of API

17   request_body

Request body of API

{“server”: {“name”: “example-server1”, “imageRef”: “df1944a7-ca45-4709-9ec6-e31664133650”, “availability_zone”: “zone1_groupb”, “flavorRef”: “1CPU-4GB”, “max_count”: 1, “min_count”: 1, “networks”: [{“uuid”: “b792325f-78bc-44e7-9cf2-98d413b705e7”}], “metadata”: {“vmha”: “true”}}}
18   status_code

Response record of API


11.2.4. Terms And Conditions View privilege

All users who can use tenants are allowed to view monitoring logs.
If intending to impose restrictions on the view privilege, refer to the tutorial of IAM. Region


11.2.5. Pricing Initial Fee

There is no initial fee required in this menu. Monthly Fees

No monthly charge is required for the Monitoring-Logs menu,
Customer’s Google BigQuery which is a log transfer destination is charged.

11.2.6. Quality of Service Support Coverage

As for this menu, only inquiries about the specifications of the individual functions described in the function list are supported. SLA

This menu is not subject to SLA.

11.2.7. Restrictions

  • Note that the log transfer amount cannot be restricted whereas the log transfer amount changes depending on the change of frequency of portal operations or API executions by a customer.

  • Since logs are stored with a delay, if you can not retrieve the expected logs, wait for a while and search again.

  • Some functions can not be used if the screen is opened by multiple tabs in the browser.

  • When performing Enterprise Cloud 2.0 API operations, use id to specify a tenant at the time of authentication with keystone. If name is used to specify, log acquisition fails.

  • If a data set is deleted during log transfer settings, log transfer is stopped. To resume the log transfer, create a data set again and make transfer settings.

  • Duplication of transfer of the same log may occur infrequently for reasons such as a malfunction. To avoid duplication and extract logs with Google BigQuery, operations with SQL are needed. For details, refer to FAQ.

  • Log missing can occur depending on factors such as rapid increase of load of the shared environment and maintenance works.

  • If personnel of Service Provider accesses resources of a customer tenant for the purpose of service operations, the corresponding logs may be left. If any suspicious logs are present, contact Service Provider.

  • Logs on the platform of Service Provider are encrypted at the time of transfer and storage. Also, a transfer destination Google BigQuery is encrypted in accordance with the specifications below: https://cloud.google.com/bigquery/