网络流日志

{"list":[{"id":75455,"title":"动态与公告","type":"directory","docType":"default","pdfUrl":"https://main.qcloudimg.com/raw/document/product/pdf/682_75455_cn.pdf","children":[{"id":75456,"title":"【2022年7月25日】流日志支持机型变更通知","type":"page","docType":"default","pdfUrl":"","link":"/document/product/682/75456"}],"link":"/document/product/682/75455"},{"id":18930,"title":"产品简介","type":"directory","docType":"default","pdfUrl":"https://main.qcloudimg.com/raw/document/product/pdf/682_18930_cn.pdf","children":[{"id":18931,"title":"产品概述","type":"page","docType":"default","pdfUrl":"","link":"/document/product/682/18931"},{"id":18932,"title":"产品优势","type":"page","docType":"default","pdfUrl":"","link":"/document/product/682/18932"},{"id":18933,"title":"产品功能","type":"page","docType":"default","pdfUrl":"","link":"/document/product/682/18933"},{"id":18957,"title":"应用场景","type":"page","docType":"default","pdfUrl":"","link":"/document/product/682/18957"},{"id":18934,"title":"使用限制","type":"page","docType":"default","pdfUrl":"","link":"/document/product/682/18934"},{"id":18956,"title":"相关产品","type":"page","docType":"default","pdfUrl":"","link":"/document/product/682/18956"}],"link":"/document/product/682/18930"},{"id":18963,"title":"购买指南","type":"page","docType":"price","pdfUrl":"https://main.qcloudimg.com/raw/document/product/pdf/682_18963_cn.pdf","link":"/document/product/682/18963"},{"id":18935,"title":"快速入门","type":"page","docType":"default","pdfUrl":"https://main.qcloudimg.com/raw/document/product/pdf/682_18935_cn.pdf","link":"/document/product/682/18935"},{"id":18965,"title":"操作指南","type":"directory","docType":"default","pdfUrl":"https://main.qcloudimg.com/raw/document/product/pdf/682_18965_cn.pdf","children":[{"id":18974,"title":"操作总览","type":"page","docType":"default","pdfUrl":"","link":"/document/product/682/18974"},{"id":63357,"title":"授权流日志访问 CLS 权限","type":"page","docType":"default","pdfUrl":"","link":"/document/product/682/63357"},{"id":18967,"title":"创建日志集和日志主题","type":"page","docType":"default","pdfUrl":"","link":"/document/product/682/18967"},{"id":68199,"title":"日志列表","type":"directory","docType":"default","pdfUrl":"","children":[{"id":18966,"title":"创建流日志","type":"page","docType":"default","pdfUrl":"","link":"/document/product/682/18966"},{"id":65748,"title":"修改流日志","type":"page","docType":"default","pdfUrl":"","link":"/document/product/682/65748"},{"id":18970,"title":"查看流日志记录","type":"page","docType":"default","pdfUrl":"","link":"/document/product/682/18970"},{"id":18968,"title":"删除流日志","type":"page","docType":"default","pdfUrl":"","link":"/document/product/682/18968"}],"link":"/document/product/682/68199"},{"id":65137,"title":"主题配置","type":"page","docType":"default","pdfUrl":"","link":"/document/product/682/65137"},{"id":65764,"title":"高级分析","type":"page","docType":"default","pdfUrl":"","link":"/document/product/682/65764"}],"link":"/document/product/682/18965"},{"id":18977,"title":"API 文档","type":"page","docType":"default","pdfUrl":"https://main.qcloudimg.com/raw/document/product/pdf/682_18977_cn.pdf","link":"/document/product/682/18977"},{"id":19260,"title":"常见问题","type":"page","docType":"faq","pdfUrl":"https://main.qcloudimg.com/raw/document/product/pdf/682_19260_cn.pdf","link":"/document/product/682/19260"},{"id":59705,"title":"联系我们","type":"page","docType":"default","pdfUrl":"https://main.qcloudimg.com/raw/document/product/pdf/682_59705_cn.pdf","link":"/document/product/682/59705"},{"id":30315,"title":"词汇表","type":"page","docType":"glossary","pdfUrl":"https://main.qcloudimg.com/raw/document/product/pdf/682_30315_cn.pdf","link":"/document/product/682/30315"}],"categoryId":682,"title":"网络流日志","lang":"zh"}

文档中心网络流日志快速入门

快速入门

最近更新时间：2024-03-13 10:47:21

我的收藏

本页目录：

本文以内网互通场景下，为弹性网卡创建流日志为例，演示流日志的快速入门操作。弹性网卡创建网络流日志后，即可将网络流量进行实时存储、分析，适用于故障排查、合规审计、安全检测等场景。
前提条件
确保您的云服务器在网络流日志 支持列表。
由于流日志数据需要投递到日志服务 CLS，请确保已完成授权 CLS，方可查看日志数据，具体操作请参见 授权流日志访问 CLS 权限。
您已创建日志主题，具体操作请参见 新增日志主题。
背景信息
服务器 A（10.16.0.22）和服务器 B（10.16.0.40）在同一 VPC 中，登录服务器 A 对服务器 B 执行 ping 命令将触发服务器弹性网卡上发生流量，若为服务器 A 的弹性网卡创建网络流日志，流日志中将会记录该流量数据。
﻿
操作步骤
1. 登录 私有网络控制台，在左侧导航栏选择流日志 > 流日志。
2. 在流日志页面左上角选择地域，单击+新建，并在新建流日志对话框中配置以下参数：
﻿
字段
含义
名称
该流日志的名称。
采集范围
指定流日志采集范围，本例选择弹性网卡。
私有网络
弹性网卡所在私有网络，本例选择服务器 A 所在的私有网络。
子网
弹性网卡所在子网，本例选择服务器 A 所在的子网。
采集类型
指定流日志应捕获被安全组或 ACL 已拒绝流量、已接受流量、所有流量，本例选择允许。
日志集
指定流日志在日志服务内的存储集合，请选择您已创建的日志集，若暂未创建日志集，则单击新建前往日志服务控制台新建。
日志主题
指定日志存储的最小维度，用于区别不同类型日志，例如 Accept 日志等。请选择您已创建的日志主题，若暂未创建日志主题，则前往日志服务控制台新建。
标签键
可选参数，您可以直接输入（即新建）或选择已有标签键，用于流日志查找和管理。
标签值
可选参数，您可以直接输入（即新建）或选择已有标签值，也可以为空值。
3. 单击确定。
注意：
首次创建流日志时，创建完成后需等待约10分钟后（5分钟捕获窗口，5分钟数据推送时间），方可在日志服务中查看流日志。
流日志本身不会产生费用，数据存储在日志服务中，将按标准收费。
结果验证
约10分钟后，在流日志页面目标流日志右侧操作列单击查看。在检索分析页面选择时间，并输入服务器 B 的 IP 进行关键词检索。
﻿
﻿

字段	含义
名称	该流日志的名称。
采集范围	指定流日志采集范围，本例选择弹性网卡。
私有网络	弹性网卡所在私有网络，本例选择服务器 A 所在的私有网络。
子网	弹性网卡所在子网，本例选择服务器 A 所在的子网。
采集类型	指定流日志应捕获被安全组或 ACL 已拒绝流量、已接受流量、所有流量，本例选择允许。
日志集	指定流日志在日志服务内的存储集合，请选择您已创建的日志集，若暂未创建日志集，则单击新建前往日志服务控制台新建。
日志主题	指定日志存储的最小维度，用于区别不同类型日志，例如 Accept 日志等。请选择您已创建的日志主题，若暂未创建日志主题，则前往日志服务控制台新建。
标签键	可选参数，您可以直接输入（即新建）或选择已有标签键，用于流日志查找和管理。
标签值	可选参数，您可以直接输入（即新建）或选择已有标签值，也可以为空值。