This image shows a Oracle Cloud Infrastructure region with one virtual cloud network (VCN) distributed across 2 availability domains. Logging detail follows the architecture description.

The region provides the following services. Data is passed between these services by using a secure and encrypted transport layer.

• Auditing
• Logging: Data collected by the Logging service is passed to the Service Connector Hub.
• Service Connector Hub: Data is passed to the Logging Analytics service.
• Logging Analytics: Server production log data and data provided through the Service Connector Hub is passed to the Logging Analytics service. The service can initiate notifications and alarms and can be accessed by external web clients (DBA, IT Admins, DevOps) by using the secure and encrypted transport layer.
• Notifications
• Alarms

The virtual cloud network (VCN) provides the following gateways:

• Dynamic routing gateway (DRG): Provides private connectivity using site-to-site VPN for customer remote access.
• Internet gateway: Provides communications between public subnets and internet hosts.
• Service gateway: VCNs communicate with services such as object storage over the Oracle network fabric without traversing the internet.

The VCN provides 3 subnets in availability domain 1 arranged as functional tiers and 2 subnets in availability domain 2 for redundancy. Virtual routing between the primary and redundancy subnets is built into the VCN and is shown as connecting lines between the web server and database server tiers.

• Load balancer tier (public subnet 1): Handles incoming traffic and connects to the web server tier. Log data is passed to the Logging service by using a secure and encrypted transport layer.
• Web servers tier (public subnet 2): Two web servers are shown, each hosting a logging Management Agent. Log data is passed through the service gateway to the Logging Analytics service. A similar configuration exists in public subnet 3 in availability domain 2 for redundancy.
• Database servers tier (private subnet 1): Two database servers are shown, each hosting a logging Management Agent. Log data is passed through the service gateway to the Logging Analytics service. A similar configuration exists in private subnet 2 in availability domain 2 for redundancy.