download free 30 days trial version buy bucket explorer
Documentation  Download  Purchase  Support  FAQs   Forum   ScreenShots & Demos
AmazonS3 Bucket Logging : Evidence of online activity

It is due to ever growing of various complex computational activities that are compelled, users to take full control over all such activities. Computerize data logging helps the user to record all the activities and events, and provides an audit trial to be able to track the activities conducted in the system and diagnose the problem.


What is Logging?

Logging or computerized data logging is simply a computational activity in which a program records all the activity in a simple text file in specific pre defined or custom format. And this text file is generally stored with .log extension. But some times these logs get larger and larger, containing too much data which are difficult to understand by human beings, but machines can process this data easily with accuracy many log / data analysis programs are available on internet which helps you to analyze your log data easily and give you meaningful results help you in decision making.


What is Bucket Logging?

Now we are on Bucket Explorer website, and the Bucket Explorer is providing user-friendly user interface for Amazon's Simple Storage Service (S3). By using of this service users can upload, download, share, access and publish contents over the internet. So overall, all of these activities are available on very low cost. Here we need to pay for all these activities so we need to track all of these activities because these all activities affect our billing. Means Economic factor is attached with bucket logging.

Some times bucket logging helps you in your content management and audit trials on objects.

That's why Bucket Explorer helps the user to enable the logging on required buckets. By logging on bucket, user can track all the activities within a bucket (s). Suppose if user creates bucket and make publically available to all internet users / outsiders, he/she can track the entire upload and download activities. Also analyze the traffic on his her bucket, estimate his/her data transfer and control his billing on the bases of data transfer analysis.


Why Bucket Logging?

Bucket logging is important because logs are the proofs of the activities conducted in a bucket. We can get so many meaningful results from these logs like;

We can,

  1. Track suspicious activity being on our public buckets.
  2. Find which bucket or object is most frequently used and effects our billing.
  3. Calculate data transfer to estimate our incoming bills.
  4. Audit the user upload download activity in our public bucket.
  5. Analyze the traffic on specific bucket or and Object.
  6. Track and analyze the errors, and find the root of the problem, and so on.


How can a user enable logging on Buckets?

To enable the logging on any specific bucket (s), you need to specify the targeted bucket in which log files would be stored. You must specify any Bucket other than source Bucket. Both Bucket should be belong from the same location i.e. Both should be either from US or Europe otherwise Bucket Explorer will prompt you a message as "Source and target bucket must be from same location. Cross S3 location logging not allowed".

When a log file is delivered to the target bucket, the format of the name of the log file is:-

TargetPrefixYYYY-mm-DD-HH-MM-SS-UniqueString

Target Prefix may be the bucket name that has been logged or as per your choice. Here YYYY , mm , DD , HH , MM and SS are the digits of the year, month, day, hour, minute, and seconds (respectively) when the log file was delivered. When bucket logging is enabled for a particular bucket, then automatically write and Read_ACP permission is assigned for the log delivery user.


Now, how to set "Bucket Logging" with Bucket Explorer.

Bucket Explorer made simple for you.

  1. Right click on the bucket that you want to set bucket logging for and choose the option " Bucket Logging ", A dialog box will appear:-
    bucket logging window
  2. Bucket Logging status shows whether bucket is already logged or not. If logged, then it displays the "target" bucket name, otherwise it shows " Not Logged ".
  3. Default Prefix is the bucket name that you want to log, you can change this also.
  4. Select the target bucket from the combobox, in which you want to deliver the log files.
  5. Click on " ok " button to enable the bucket logging.
  6. Right click to this bucket and choose option " Update Bucket Access control List ", and a window will appear. See the permissions for the Log delivery users.
  7. Bucket Explorer automatically sets Write and Read_ACP permissions.

The log files consist of a sequence of log record. Log records appear in no particular order. Each log record represents one request and consists of the following space delimited fields:

Sr. No. Field name Purpose
1 Bucket Owner The canonical user id of the owner of the owner of the source bucket.
2 Bucket The name of the bucket that the request was processed against.
3 Time The time at which the request was proceed.
4 Remote-IP This shows the Internet address of the requestor.
5 Requestor The canonical User Id of the request.
6 Request-Id The request ID is a unique string generated by Amazon S3.
7 Operation Either SOAP or REST.
8 Key ‘-‘when no operation is performed on key, Otherwise name of the key.
9 Request-URI The request-URI of the http request header.
10 HTTP status The numeric http status code of the response.
11 Error Code The Amazon S3 Error Code , or '-' if no error occurred.
12 Bytes Sent The number of response bytes sent, excluding HTTP protocol overhead, or '-' if zero.
13 Object Size The total size of the object.
14 Total Time The total number of milliseconds from the time your request is received to the time that the last byte of the response is sent.
15 Turn-Around Time The number of milliseconds that Amazon S3 spent for processing your request.
16 Referrer The value of the HTTP Referrer header, if present. HTTP user-agents (e.g. browsers) typically set this header to the URL of the linking or embedding page when making a request.
17 User-Agent The value of the HTTP User-Agent header.

Now let's see few important fields, which are practicable in your daily life and helps you to get some meaningful results like,

Error Code: Helps you to track which type of error is occurring and how it can be resolved. It helps you to find root cause of the problem. Let suppose you are getting an error code like BucketNotEmpty , it means you are deleting the bucket which contains some objects. And for deleting that bucket you need to empty the bucket first. You just delete all objects then you are eligible to delete to the buckets.

Object size: helps you to calculate which object is frequently accessed by the user and how many times it is being downloaded. And how much data transferred. Let's suppose if we have 1 MB object, is downloaded by 10 peoples it means 10 MB data has being transferred.

Referrer: Helps you to come to know that how many people referring your friend's buckets or objects. It also helps you in traffic analysis. Which source gives you maximum traffic on your third party bucket. And which one is beneficial for you.

Related link:

Amazon S3 bucket logging

By : Chandresh Kesri | Posted : November 2007