This image shows an Oracle Cloud Infrastructure region with one virtual cloud network (VCN) distributed across 2 availability
domains. Logging detail follows the architecture description.
The region provides the following services. Data is passed between these services by using a secure and encrypted transport
layer.
- Auditing
- Logging: Data collected by the Logging service is passed to the Service Connector Hub.
- Service Connector Hub: Data is passed to the Logging Analytics service.
- Logging Analytics: Server production log data and data provided through the Service Connector Hub are passed to the Logging
Analytics service. The service can initiate notifications and alarms and can be accessed by external web clients (DBA, IT
Admins, DevOps) by using the secure and encrypted transport layer.
- Notifications
- Alarms
The virtual cloud network (VCN) provides the following gateways:
- Dynamic routing gateway (DRG): Provides private connectivity using site-to-site VPN for customer remote access.
- Internet gateway: Provides communications between public subnets and internet hosts.
- Service gateway: VCNs communicate with services such as object storage over the Oracle network fabric without traversing the
internet.
The VCN provides 3 subnets in availability domain 1 arranged as functional tiers and 2 subnets in availability domain 2 for
redundancy. Virtual routing between the primary and redundancy subnets is built into the VCN and is shown as connecting lines
between the web server and database server tiers.
- Load balancer tier (public subnet 1): Handles incoming traffic and connects to the web server tier. Log data is passed to
the Logging service by using a secure and encrypted transport layer.
- Web servers tier (public subnet 2): Two web servers are shown, each hosting a logging Management Agent. Log data is passed
through the service gateway to the Logging Analytics service. A similar configuration exists in public subnet 3 in availability
domain 2 for redundancy.
- Database servers tier (private subnet 1): Two database servers are shown, each hosting a logging Management Agent. Log data
is passed through the service gateway to the Logging Analytics service. A similar configuration exists in private subnet 2
in availability domain 2 for redundancy.