This topic describes how to enable the access log management feature in the SLB console. After you enable the feature, you can use Log Service to collect SLB access logs.
- An SLB instance is created. For more information, see Create an SLB instance.
- An HTTP or HTTPS listener is configured for the SLB instance. For more information, see Add an HTTP listener or Add an HTTPS listener.
- A project and a Logstore are created in the region where the SLB instance resides. For more information, see Create a project and a Logstore.
- Log on to the SLB console.
- In the upper-left corner of the page, select the region where the SLB instance resides.
- In the left-side navigation pane, choose .
- Authorize SLB to assume the AliyunLogArchiveRole role to access Log Service.Note
- If you have authorized SLB to assume the AliyunActionTrailDefaultRole role, skip this step.
- You must not delete the RAM role or revoke the permissions from the RAM role. Otherwise, logs cannot be shipped to Log Service.
- If you use a RAM user to log on to SLB, you must authorize the RAM user by using an Alibaba Cloud account. For more information, see Authorize a RAM user to use access logs.
- On the Access Logs (Layer-7) page, click Configure in the Actions column of the instance.
- In the Configure Logging dialog box, select an available project and a Logstore. , and then click OK.After you complete the configuration, indexes are automatically created for the data in the selected Logstore. If indexes were created in the Logstore, the indexes are overwritten.