Détails de l'analyseur OCI
Voici les analyseurs définis par Oracle disponibles dans Oracle Log Analytics pour traiter les journaux collectés depuis des services Oracle Cloud Infrastructure :
- Format de journal de déploiement du modèle du service de science des données pour OCI
- Format de journal de tâche du service de science des données pour OCI
- Format de journal brut du service de protection d'infrastructure en nuage pour OCI
- Format de journal de diagnostic Spark du service de flux de données pour OCI
- Format du journal du contrôle de l'accès des opérateurs Oracle
- Format de journal d'accès du service d'équilibrage de charge OCI
- Format de journal d'erreurs du service d'équilibrage de charge OCI
- Format de journal d'accès du service de stockage d'objets OCI
- Version 2 du format de journal du service de vérification OCI
- Format de journal du service de transmission de messages pour OCI
- Format de journal de flux de données d'activités d'intégration OCI
- Format de journal de chiffrement du service de gestion des clés OCI
- Format de journal de diagnostic d'Oracle Access Governance Cloud Service
- Format de journal de l'infrastructure OCI Compute Cloud@Customer
- Format de journal de la gestion des dépendances d'application OCI
- Format de journal des ressources du pipeline du service de science des données pour OCI
- Format de journal de mise en cache WAF pour la périphérie de réseau OCI
Format de journal de déploiement du modèle du service de science des données pour OCI
Nom de l'analyseur : oci_data_science_model_deployment_logtype
Exemple de contenu :
{
"id": "acbf882e-7565-40be-a202-371509e60fdc",
"time": "2024-08-13T14:18:34.211Z",
"oracle": {
"compartmentid": "ocid1.compartment.oc1..aaaaaaUniqueID",
"ingestedtime": "2024-08-13T14:18:36.931468997Z",
"loggroupid": "ocid1.loggroup.oc1.iad.amaaaaaUniqueID",
"logid": "ocid1.log.oc1.iad.amaaUniqueID",
"tenantid": "ocid1.tenancy.oc1..aaaaaaaaUniqueID"
},
"source": "ocid1.datasciencemodeldeployment.oc1.iad.amaaaaaUniqueID",
"specversion": "1.0",
"type": "com.oraclecloud.datascience.modeldeployment.predict",
"data": {
"instance_id": "instance:341521f37dec6941",
"logEmissionTime": "2024-08-13T14:18:34.211Z",
"message": "127.0.0.1 - - [13/Aug/2024 14:18:34] \"GET /health HTTP/1.1\" 200 -",
"web_concurrency": "2"
}
}
{
"id": "1c016524-6d9f-4696-a239-ea3f8c8b045d",
"time": "2024-08-13T14:17:44.341Z",
"oracle": {
"compartmentid": "ocid1.compartment.oc1..aaaaaaaUniqueID",
"ingestedtime": "2024-08-13T14:18:16.184515770Z",
"loggroupid": "ocid1.loggroup.oc1.iad.amaaaaaUniqueID",
"logid": "ocid1.log.oc1.iad.amaaaaUniqueID",
"tenantid": "ocid1.tenancy.oc1..aaaaaaUniqueID"
},
"source": "ocid1.datasciencemodeldeploymentpre.oc1.iad.amaaaUniqueID",
"specversion": "1.0",
"type": "com.oraclecloud.datascience.modeldeployment.access",
"data": {
"MD_OCID": "ocid1.datasciencemodeldeploymentpre.oc1.iad.amaaaUniqueID",
"instance_id": "instance:54d1ce6153ad0153",
"logEmissionTime": "2024-08-13T14:17:44+00:00",
"message": "POST /predict HTTP/1.1",
"modelLatency": 0.004,
"opcRequestId": "/97642UniqueID/46UniqueID",
"status": 200
}
}
Format de journal de tâche du service de science des données pour OCI
Nom de l'analyseur : oci_data_science_job_logtype
Exemple de contenu :
{
"id": "4a02c5da-f651-4af2-b2b7-afade57d89d1",
"time": "2024-07-26T06:30:21.168Z",
"oracle": {
"compartmentid": "ocid1.compartment.oc1..aaaaaaUniqueID",
"ingestedtime": "2024-07-26T06:30:23.907220840Z",
"loggroupid": "ocid1.loggroup.oc1.iad.amaaaUniqueID",
"logid": "ocid1.log.oc1.iad.amaaaUniqueID",
"tenantid": "ocid1.tenancy.oc1..aaaaaaaaUniqueID"
},
"source": "ocid1.datasciencejobrun.oc1.iad.amaaaaUniqueID",
"specversion": "1.0",
"type": "com.oraclecloud.datascience.jobrun.stderr",
"data": {
"message": "https://artifactory.example.com/: [Errno 14] curl#6 - \"Could not resolve host: artifactory.example.com; Unknown error\""
}
}
{
"id": "b8abb945-de81-4852-b97b-ad3a335414c3",
"time": "2024-07-26T06:30:21.167Z",
"oracle": {
"compartmentid": "ocid1.compartment.oc1..aaaaaaaaUniqueID",
"ingestedtime": "2024-07-26T06:30:23.907220840Z",
"loggroupid": "ocid1.loggroup.oc1.iad.amaaaaUniqueID",
"logid": "ocid1.log.oc1.iad.amaaaaaaUniqueID",
"tenantid": "ocid1.tenancy.oc1..aaaaaUniqueID"
},
"source": "ocid1.datasciencejobrun.oc1.iad.amaaaaaUniqueID",
"specversion": "1.0",
"type": "com.oraclecloud.datascience.jobrun.stderr",
"data": {
"message": "failure: repodata.xml from artifactory.example.com: [Errno 256] No more mirrors to try."
}
}
{
"data": {
"additionalDetails": {
"X-Real-Port": 14568
},
"availabilityDomain": "AD3",
"compartmentId": "ocid1.compartment.oc1..aaaaaaaaobUniqueID",
"compartmentName": "UniqueID",
"definedTags": {
"Oracle-Tags": {
"CreatedBy": "oracleidentitycloudservice/user@example.com",
"CreatedOn": "2024-08-13T14:15:25.533Z"
}
},
"eventGroupingId": "6309F97D55994F03B30E7UniqueID",
"eventName": "GetJobRun",
"freeformTags": {},
"identity": {
"authType": "resource",
"callerId": null,
"callerName": null,
"consoleSessionId": null,
"credentials": "ST$eyJraWQiOiJhc3UniqueID",
"ipAddress": "129.158.229.67",
"principalId": "ocid1.datasciencejobrun.oc1.iad.amaaaUniqueID",
"principalName": null,
"tenantId": "ocid1.tenancy.oc1..aaaaaaaUniqueID",
"userAgent": "Oracle-PythonSDK/2.102.0 (python 3.8.0; aarch64-Linux)"
},
"message": "datasciencejobrun20240813141525 GetJobRun succeeded",
"request": {
"action": "GET",
"headers": {
"Accept": [
"application/json"
],
"Accept-Encoding": [
"gzip, deflate"
],
"Authorization": [
"Signature algorithm=\"rsa-sha256\",headers=\"date (request-target) host\",keyId=\"ST$eyJraWQiOiUniqueIDsNXQ\",signature=\"*****\",version=\"1\""
],
"Connection": [
"keep-alive"
],
"Content-Type": [
"application/json"
],
"Date": [
"Wed, 04 Sep 2024 07:51:36 GMT"
],
"User-Agent": [
"Oracle-PythonSDK/2.102.0 (python 3.8.0; aarch64-Linux)"
],
"opc-client-info": [
"Oracle-PythonSDK/2.102.0"
],
"opc-client-retries": [
"true"
],
"opc-request-id": [
"6309F97D55994F03B30E7001BA771D28"
]
},
"id": "6309F97D55994F03B30UniqueID",
"parameters": {},
"path": "/20190101/jobRuns/ocid1.datasciencejobrun.oc1.iad.amaaUniqueID"
},
"resourceId": "ocid1.datasciencejobrun.oc1.iad.amaaaaUniqueID",
"response": {
"headers": {
"Content-Encoding": [
"gzip"
],
"Content-Length": [
"953"
],
"Content-Type": [
"application/json"
],
"Date": [
"Wed, 04 Sep 2024 07:51:36 GMT"
],
"ETag": [
"4e19414a571aab3a2c81ad97c146UniqueID--gzip"
],
"Strict-Transport-Security": [
"max-age=31536000; includeSubDomains"
],
"Vary": [
"Accept-Encoding"
],
"X-Content-Type-Options": [
"nosniff",
"nosniff"
],
"opc-request-id": [
"6309UniqueID/3E1BUniqueID/420UniqueID"
]
},
"message": null,
"payload": {},
"responseTime": "2024-09-04T07:51:36.759Z",
"status": "200"
},
"stateChange": {
"current": 100,
"previous": 200
}
},
"dataschema": "2.0",
"id": "c7f684ef-a1cc-4bcb-9213-009d4ec4eb57",
"oracle": {
"compartmentid": "ocid1.compartment.oc1..aaaaaaaUniqueID",
"ingestedtime": "2024-09-04T07:51:44.485Z",
"loggroupid": "_Audit",
"tenantid": "ocid1.tenancy.oc1..aaaaaaaUniqueID"
},
"source": "datasciencejobrun20240813141525",
"specversion": "1.0",
"time": "2024-09-04T07:51:36.759Z",
"type": "com.oraclecloud.datascience.GetJobRun"
}
Format de journal du service OCI PostgreSQL
Nom de l'analyseur : oci_postgresql_service_logtype
Exemple de contenu :
{
"data": {
"application_name": "postgresql",
"backend_type": "not initialized",
"command_tag": "",
"conString": "",
"connection_from": "100.00.0.0:12345",
"database_name": "",
"detail": "",
"hint": "",
"internal_query": "",
"internal_query_pos": "",
"leader_pid": "",
"level": "LOG",
"location": "",
"msg": "connection received: host=100.00.0.0 port=12345",
"process_id": "27509",
"query": "",
"query_id": "0",
"query_pos": "",
"session_id": "6642505f.6b75",
"session_line_num": "1",
"session_start_time": "2024-05-13 17:39:43 UTC",
"sql_state_code": "00000",
"transaction_id": "0",
"user_name": "",
"virtual_transaction_id": ""
},
"id": "197eaaaa-aaaa-aaaa-aaaa-UniqueID",
"oracle": {
"compartmentid": "ocid1.tenancy.oc1..UniqueID",
"ingestedtime": "2024-05-13T17:40:06.401Z",
"loggroupid": "ocid1.loggroup.oc1.phx.exampleUniqueID",
"logid": "ocid1.log.oc1.phx.exampleUniqueID",
"tenantid": "ocid1.tenancy.oc1..aaaaaaaaUniqueID"
},
"source": "ocid1.postgresqldbsystem.oc1.phx.UniqueID",
"specversion": "1.0",
"subject": "e9ed3c2b-edae-4e26-b25d-b2a5facf1d13",
"time": "2024-05-13T17:39:43.575Z",
"type": "com.oraclecloud.postgresql.postgresqlDbSystem.postgresql_database_logs"
}
{
"specversion" : "1.0",
"type" : "com.oraclecloud.postgresql.postgresqlDbSystem.postgresql_database_logs",
"source" : "DBSYSTEM_NAME",
"subject" : "dbinstance-ff36735edea9",
"id" : "DBSYSTEMNAME_2e594e66-aaaaaaa-aaaaa-aaaa-Uniqueid",
"time" : "2023-06-06T21:02:40.584Z",
"oracle": {
"logid": "ocid1.log.region1...exampleUniqueID",
"ingestedtime": "2022-05-22T04:17:31.222Z"
},
"data" : {
"dbSystemId": "ocid1.postgresqldbsystem.oc1.iad.exampleUniqueID",
"dbInstanceId": "c8418d0a-aaaaa-aaaaa-aaaa-Uniqueid",
"user_name":"oci_metrics",
"database_name":"postgres",
"process_id":2113,
"connection_from":"100.00.0.0:49218",
"session_id":"648a97e8.841",
"session_line_num":9,
"command_tag":"startup",
"session_start_time":"2023-06-15 04:47:36 GMT",
"virtual_transaction_id":"3/544",
"transaction_id":0,
"error_severity":"LOG",
"sql_state_code":"00000",
"level":"LOG",
"message":"setting \"DateStyle\"=ISO",
"detail":"",
"hint":"",
"internal_query":"",
"internal_query_pos":null,
"conString":"",
"query":"",
"query_pos":null,
"location":"",
"application_name":"postgresql",
"backend_type":"client backend",
"leader_pid":null,
"query_id":0
}
}
Format de journal des résultats d'interrogation du service de protection d'infrastructure en nuage pour OCI
Nom de l'analyseur : oci_cloud_guard_query_results_logtype
Exemple de contenu :
{
"data": {
"executionTime": "2024-06-05T13:51:43Z",
"message": "ocid1.cloudguarddatasource.oc1.iad.UniqueID executed on nodename, result 1/1",
"result": {
"builddistro": "centos7",
"buildplatform": "linux",
"confighash": "2c01b8234d6c93aea2041b3430f8d7e26fb4f740",
"configvalid": "1",
"extensions": "active",
"instanceid": "ocid1.instance.oc1.iad.UniqueID",
"pid": "3212701",
"platformmask": "9",
"starttime": "1716921925",
"uuid": "7e5b5280-3c75-4edf-be65-98363096836c",
"version": "5.5.1_66",
"watcher": "3212697"
},
"resultGroupId": "11566c0c-811b-4193-84f2-c2b1ee50f3e4"
},
"id": "10c777d8-231a-4e04-b33b-45d2312f096b",
"oracle": {
"compartmentid": "ocid1.compartment.oc1..UniqueID",
"ingestedtime": "2024-06-05T13:58:09.343Z",
"logid": "ocid1.log.oc1.iad.UniqueID",
"tenantid": "ocid1.tenancy.oc1..UniqueID"
},
"source": "ol9-arm-flexa1-private-internet-standard",
"specversion": "1.0",
"subject": "ocid1.cloudguarddatasource.oc1.iad.UniqueID",
"time": "2024-06-05T13:58:01.112Z",
"type": "com.oraclecloud.workloadprotection.cloudguarddatasource.wlp_scheduled_query_logs"
}
Format de journal brut du service de protection d'infrastructure en nuage pour OCI
Nom de l'analyseur : oci_cloud_guard_raw_logtype
Exemple de contenu :
{
"data": {
"executionTime": "2024-07-08T16:11:26Z",
"message": "SECSCAN executed on logan-actions-ad2, result 1/1",
"result": {
"environment": "overlay",
"daemonhost": "unix:///run/odo/docker.sock",
"image": "rules:0.2",
"imageid": "sha256:ec6790dUniqueID",
"state": "running",
"chefstatus": "success",
"clamscanexitcode": "0",
"arch": "x86_64",
"builddistro": "centos7",
"buildplatform": "linux",
"errormessage": "",
"instanceid": "ocid1.instance.oc1..UniqueID",
"issecscanhost": "false",
"command": "root /usr/bin/systemctl restart aidescan.service",
"exitcode": "",
"fqdn": "api_xyz.loganalytics.example.com",
"hostclass": "LOGAN",
"region": "us-ashburn-1",
"lastupdated": "2024-07-31T00:52:50Z"
}
},
"id": "31cbedc5-aaaa-aaaa-UniqueID",
"oracle": {
"compartmentid": "ocid1.tenancy.oc1..UniqueID",
"ingestedtime": "2024-07-08T16:18:18.654Z",
"logid": "ocid1.log.oc1..UniqueID",
"tenantid": "ocid1.tenancy.oc1..UniqueID"
},
"source": "logan-actions-ad2",
"specversion": "1.0",
"subject": "SECSCAN",
"time": "2024-07-08T16:18:10.739Z",
"type": "com.oraclecloud.workloadprotection.cloudguardtarget.recipelog"
}
Format du journal d'accélération d'application Web OCI
Nom de l'analyseur : oci_waa_logtype
Exemple de contenu :
{
"data":{
"request":{
"id":"727b8fabcc23662a8ad3754d4a3573f2"
},
"response":{
"code":"200",
"size":"73805"
},
"timestamp":"2023-08-14T05:40:24+00:00"
},
"id":"6cf12c5a-846f-4394-b882-861c5b698032-waa-192433",
"oracle":{
"compartmentid":"ocid1.compartment.oc1.uniqueId",
"ingestedtime":"2023-08-14T05:40:33.086Z",
"loggroupid":"ocid1.loggroup.oc1.uniqueId",
"logid":"ocid1.log.oc1.uniqueId",
"resourceid":"ocid1.loadbalancer.oc1.uniqueId",
"tenantid":"ocid1.tenancy.oc1.uniqueId"
},
"source":"fortLB",
"specversion":"1.0",
"subject":"",
"time":"2023-08-14T05:40:24.526Z",
"type":"com.oraclecloud.loadbalancer.waa"
}
OKE - Format de journal du plan de contrôle
Nom de l'analyseur : oci_oke_controlplane_logtype
Exemple de contenu :
{
"data": {
"level": "info",
"msg": "\"Event occurred\" object=\"oci-onm/oci-onm-discovery\" fieldPath=\"\" kind=\"CronJob\" apiVersion=\"batch/v1\" type=\"Normal\" reason=\"SuccessfulDelete\" message=\"Deleted job oci-onm-discovery-28283395\"",
"source": "event.go:294"
},
"id": "uniqueId",
"oracle": {
"compartmentid": "ocid1.compartment.oc1.uniqueId",
"ingestedtime": "2023-10-11T06:11:01.153Z",
"loggroupid": "ocid1.loggroup.oc1.uniqueId",
"logid": "ocid1.log.oc1.uniqueId",
"tenantid": "ocid1.tenancy.oc1.uniqueId"
},
"source": "kube-controller-manager",
"specversion": "1.0",
"time": "2023-10-11T06:10:08.813Z",
"type": "com.oraclecloud.kubernetes.cluster.controlplane"
}
Format de journal du centre de connecteurs de service OCI
Nom de l'analyseur : oci_service_connector_hub_logtype
Exemple de contenu :
{
"data": {
"level": "INFO",
"message": "Run succeeded - Read 2 messages from source and wrote 2 messages to target",
"messageType": "CONNECTOR_RUN_COMPLETED"
},
"id": "f83205ef-0bef-47d0-b6b2-362afc4a2e9a",
"oracle": {
"compartmentid": "ocid1.compartment.uniqueId",
"ingestedtime": "2023-08-02T00:10:28.990Z",
"loggroupid": "ocid1.loggroup.uniqueId",
"logid": "ocid1.log.uniqueId",
"resourceid": "ocid1.serviceconnector.uniqueId",
"tenantid": "ocid1.tenancy.uniqueId"
},
"source": "connectorName",
"specversion": "1.0",
"time": "2023-08-02T00:10:26.859Z",
"type": "com.oraclecloud.sch.serviceconnector.runlog"
}
Format de journal OCI GoldenGate
Nom de l'analyseur : oci_golden_gate_logtype
Exemple de contenu :
[{
"time": "2023-05-25T09:21:05.192Z",
"source": "ocid1.goldengatedeployment.uniqueId",
"id": "uniqueId",
"oracle": {
"compartmentid": "ocid1.compartment.uniqueId",
"logid": "ocid1.log.uniqueId"
},
"specversion": "1.0",
"type": "com.oraclecloud.goldengate.deployment.process_logs",
"data": {
"message": "CSRFTokenProtection: ENABLED.\nCross-Site Request Forgery checks using CSRF-Tokens will be performed.",
"level": "INFO",
"resourceId": "ocid1.goldengatedeployment.uniqueId",
"processName": "distsrvr"
}
},
{
"ts": "2023-05-25T09:21:05.192Z",
"source": "ocid1.goldengatedeployment.uniqueId",
"id": "uniqueId",
"oracle": {
"compartmentid": "ocid1.compartment.uniqueId",
"logid": "ocid1.log.uniqueId"
},
"specversion": "1.0",
"type": "com.oraclecloud.goldengate.deployment.process_logs",
"data": {
"message": "CSRFTokenProtection: ENABLED.\nCross-Site Request Forgery checks using CSRF-Tokens will be performed.",
"level": "INFO",
"resourceId": "ocid1.goldengatedeployment.uniqueId",
"processName": "distsrvr"
}
}]
Format de journal de diagnostic Spark du service de flux de données pour OCI
Nom de l'analyseur : oci_data_flow_spark_diagnostics_logtype
Exemple de contenu :
{
"data": {
"logLevel": "INFO",
"message": "Execution complete.",
"opcRequestId": "unique_ID",
"runId": "ocid1.dataflowrun.realm.region.unique_ID",
"thread": "shaded.dataflow.oracle.dfcs.spark.wrapper.DataflowWrapper"
},
"id": "unique_ID",
"oracle": {
"compartmentid": "ocid1.tenancy.oc1.unique_ID",
"ingestedtime": "2023-06-23T20:20:06.974Z",
"loggroupid": "ocid1.loggroup.realm.region.unique_ID",
"logid": "ocid1.log.realm.region.unique_ID",
"tenantid": "ocid1.tenancy.realm.region.unique_ID"
},
"source": "Sample CSV Processing App",
"specversion": "1.0",
"subject": "spark-driver",
"time": "2023-06-23T20:20:02.245Z",
"type": "com.oraclecloud.dataflow.run.driver"
}
Format de journal d'OCI Application Performance Monitoring
Nom de l'analyseur : oci_application_performance_monitoring_logtype
Exemple de contenu :
{
"data": {
"arrivaltime": "2023-03-14T15:21:27.010Z",
"content": "{\\\"major-version\\\": 1, \\\"minor-version\\\": 0, \\\"payload-creation-ts-millis\\\": 1678807286000, \\\"resource\\\": {\\\"attributes\\\": [{\\\"key\\\": \\\"Component\\\", \\\"value\\\": \\\"BROWSER\\\"}, {\\\"key\\\": \\\"ServiceName\\\", \\\"value\\\": \\\"myService\\\"}, {\\\"key\\\": \\\"ApmrumLanguage\\\", \\\"value\\\": \\\"en-US\\\"}, {\\\"key\\\": \\\"ApmrumWindowId\\\", \\\"value\\\": \\\"\\\"}, {\\\"key\\\": \\\"SessionId\\\", \\\"value\\\": \\\"session-my1678807286000-3311688\\\"}, {\\\"key\\\": \\\"UserName\\\", \\\"value\\\": \\\"meUser\\\"}]}, \\\"spans\\\": [{\\\"id\\\": \\\"my1678807286000-3311688-2929311\\\", \\\"trace-id\\\": \\\"my1678807286000-3311688\\\", \\\"name\\\": \\\"Page Load myPage\\\", \\\"ts-micros\\\": 1678807284900000, \\\"td-micros\\\": 820619, \\\"kind\\\": \\\"PRODUCER\\\", \\\"attributes\\\": {\\\"ApmrumType\\\": \\\"Page\\\", \\\"WebApplicationName\\\": \\\"myWebapp\\\", \\\"PageInitTime\\\": 870, \\\"PageFirstByteTime\\\": 412, \\\"PageDownloadTime\\\": 17, \\\"PageRenderTime\\\": 994, \\\"PageInteractiveTime\\\": 341, \\\"ApmrumPageUpdateType\\\": \\\"Page Load\\\", \\\"HttpUrl\\\": \\\"http://www.example.com/myIndex.html\\\", \\\"HttpUrlHost\\\": \\\"http://www.example.com\\\", \\\"HttpUrlPath\\\": \\\"/myIndex.html\\\", \\\"HttpStatusCode\\\": 200, \\\"Error\\\": false}, \\\"links\\\": []}, {\\\"id\\\": 5797336, \\\"trace-id\\\": \\\"my1678807286000-3311688\\\", \\\"parent-id\\\": \\\"my1678807286000-3311688-2929311\\\", \\\"name\\\": \\\"Page Load page-0\\\", \\\"ts-micros\\\": 1678807284900000, \\\"td-micros\\\": 990000, \\\"kind\\\": \\\"PRODUCER\\\", \\\"attributes\\\": {\\\"ApmrumType\\\": \\\"Page\\\", \\\"WebApplicationName\\\": \\\"myWebapp\\\", \\\"PageInitTime\\\": 110, \\\"PageFirstByteTime\\\": 304, \\\"PageDownloadTime\\\": 5, \\\"PageRenderTime\\\": 732, \\\"PageInteractiveTime\\\": 401, \\\"ApmrumPageUpdateType\\\": \\\"Page Load\\\", \\\"HttpUrl\\\": 
\\\"http://www.example.com/myIndex.html\\\", \\\"HttpUrlHost\\\": \\\"http://www.example.com\\\", \\\"HttpUrlPath\\\": \\\"/myIndex.html\\\", \\\"HttpStatusCode\\\": 200, \\\"Error\\\": false}, \\\"links\\\": []}]}",
"contentlength": "1616",
"dataformat": "apm",
"dataformatversion": "1",
"message": "The request is rejected due to throttling limits.",
"obstype": "public-span",
"rejectioncause": "PAYLOAD_THROTTLED"
},
"id": "unique_ID",
"oracle": {
"compartmentid": "ocid1.compartment.oc1.unique_ID",
"ingestedtime": "2023-03-14T15:21:35.427Z",
"loggroupid": "ocid1.loggroup.oc1.phx.unique_ID",
"logid": "ocid1.log.oc1.phx.unique_ID",
"tenantid": "ocid1.tenancy.oc1.unique_ID"
},
"source": "ocid1.apmdomain.oc1.phx.unique_ID",
"specversion": "1.0",
"time": "2023-03-14T15:21:27.324Z",
"type": "com.oraclecloud.apm.domain.dropped-data"
}
Format de journal du service de flux de médias pour OCI
Nom de l'analyseur : oci_media_flow_service_logtype
Exemple de contenu :
{
"data": {
"mediaWorkflowId": "ocid1.mediaworkflow.oc1.iad.UniqueID",
"mediaWorkflowJobId": "ocid1.mediaworkflowjob.oc1.iad.UniqueID",
"message": "Job execution SUCCEEDED",
"taskKey": "move",
"taskType": "getFiles"
},
"id": "e60adf8e-48be-4adc-83f4-315768905600",
"oracle": {
"compartmentid": "ocid1.compartment.oc1..UniqueID",
"ingestedtime": "2023-03-07T07:16:39.975Z",
"loggroupid": "ocid1.loggroup.oc1.iad.UniqueID",
"logid": "ocid1.log.oc1.iad.UniqueID",
"tenantid": "ocid1.tenancy.oc1..UniqueID"
},
"source": "ocid1.mediaworkflow.oc1.iad.UniqueID",
"specversion": "1.0",
"time": "2023-03-07T07:16:37.460Z",
"type": "com.oraclecloud.mediaservice.mediaworkflowjob.execution"
}
Format du journal du contrôle de l'accès des opérateurs Oracle
Nom de l'analyseur : oracle_operator_access_control_logtype
Exemple de contenu :
{
"data": {
"accessRequestId": "ocid1.opctlaccessrequest.oc1.ap-region.uniqueId",
"message": "type=PROCTITLE msg=audit(09/08/2021 09:01:24.335:34495595) : proctitle=ps -ef",
"status": "",
"systemOcid": "ocid1.exadatainfrastructure.oc1.region.uniqueId",
"target": "",
"timestamp": "2021-09-08T09:01:24.000Z"
},
"id": "b3b102aa-daee-4861-8e2c-123456789123",
"oracle": {
"compartmentid": "ocid1.tenancy.oc1.uniqueId",
"ingestedtime": "2021-09-08T16:02:26.182Z",
"loggroupid": "ocid1.loggroup.oc1.region.uniqueId",
"logid": "ocid1.log.oc1.region.uniqueId",
"tenantid": "ocid1.tenancy.oc1.uniqueId"
},
"source": "OperatorAccessControl",
"specversion": "1.0",
"time": "2021-09-08T16:01:52.989Z",
"type": "com.oraclecloud.opctl.audit"
}
Format de journal d'accès du service d'équilibrage de charge OCI
Nom de l'analyseur : oci_loadbalancer_access_logtype
Exemple de contenu :
{
"data": {
"timestamp": "2020-09-28T17:10:39+00:00",
"clientAddr": "192.0.2.1:3427",
"host": "LB_VirtualAddress",
"backendAddr": "192.0.2.100:24443",
"requestProcessingTime": "0.003",
"backendConnectTime": "0.001",
"lbStatusCode": "200",
"receivedBytes": 100,
"sentBytes": 300,
"request": "GET /foo/abc",
"sslCipher": "ECDHE-RSA-AES256-GCM-SHA384",
"sslProtocol": "TLSv1.2",
"userAgent": "curl/7.29.0"
},
"id": "adbd63f2-0da7-4d9f-818b-308ee6-a-1849",
"oracle": {
"compartmentid": "ocid1.compartment.oc1..aaaaaaaaenufxomt",
"ingestedtime": "2020-09-28T17:10:47.369Z",
"loggroupid": "ocid1.loggroup.oc1.iad.amaaaaaamdyb6aia4c",
"logid": "ocid1.log.oc1.iad.amaaaaaamdyb6aiaqgflbcvgcfc",
"tenantid": "ocid1.tenancy.oc1..aaaaaaaau6w4ohcbz7otxxy"
},
"source": "logan-data-ingest-api-lb",
"specversion": "1.0",
"subject": "subject",
"time": "2020-09-28T17:10:39.266Z",
"type": "com.oraclecloud.loadbalancer.access"
}
Format de journal d'erreurs du service d'équilibrage de charge OCI
Nom de l'analyseur : oci_loadbalancer_error_logtype
Exemple de contenu :
{
"data": {
"errorLog": {
"type": "healthChecker",
"errorDetails": {
"healthStatus": "Healthy to Unhealthy",
"backendSetName": "newtest",
"backend": "192.0.2.10:80",
"details": {
"date": 1596583722793,
"failures": 3,
"successes": 0,
"skips": 0,
"message": {
"statusCode": 200,
"expectedRegex": "^notexist$",
"msg": "response match result: failed",
"base641kData": "CjwhRE9DVFAAAAAAAAAAAAAAAAAAAAAABBBBBBBBBBBBBBBBBBBBBUwgMS4wIFRyYW5zaXRpb25hb++Q+CiAgICA8c3R5bGUgdHlwZT0i"
}
}
}
},
"timestamp": "2020-08-04T23:28:52+00:00"
},
"id": "7b06a283-140b-4870-8cda--e-0",
"oracle": {
"compartmentid": "ocid1.compartment.oc1..aaaaaaaaenufx",
"ingestedtime": "2020-10-07T06:02:40.433Z",
"loggroupid": "ocid1.loggroup.oc1.iad.amaaaaaamdyb6a",
"logid": "ocid1.log.oc1.iad.amaaaaaamdyb6aiadglsu6l",
"tenantid": "ocid1.tenancy.oc1..aaaaaaaau6w4ohcbz7o"
},
"source": "logan-scheduled-search-lb",
"specversion": "1.0",
"subject": "",
"time": "2020-10-07T06:02:34.564Z",
"type": "com.oraclecloud.loadbalancer.error"
}
Format de journal du service des fonctions OCI
Nom de l'analyseur : oci_function_logtype
Exemple de contenu :
{
"data": {
"applicationId": "ocid1.fnapp.oc1.region-1.abcdefg",
"containerId": "01EMNSA3300000000000000502",
"functionId": "ocid1.fnfunc.oci1.region-1.1112233abcdef",
"message": "2020-10-15 11:11:35,568 - root - INFO - Headers: {\"host\": [\"localhost\", \"abcdefg.apigateway.region-1.test\"], \"user-agent\": [\"lua-resty-http/0.14 (Lua) ngx_lua/10015\", \"curl/7.29.0\"], \"transfer-encoding\": \"chunked\", \"content-type\": [\"application/octet-stream\", \"application/octet-stream\"], \"date\": \"Thu, 15 Oct 2020 11:11:35 GMT\", \"fn-call-id\": \"01EMNZAH461BT0H4GZJ000VNEQ\", \"fn-deadline\": \"2020-10-15T11:12:05Z\", \"accept\": \"*/*\", \"cdn-loop\": \"v3pC1JgjsYAdqr6Qp6ZcMg\", \"forwarded\": \"for=192.168.0.21\", \"x-forwarded-for\": \"192.168.0.21\", \"x-myheader1\": \"headerValue\", \"x-real-ip\": \"192.168.0.21\", \"fn-http-method\": \"GET\", \"fn-http-request-url\": \"/V2/display-httprequest-info\", \"fn-intent\": \"httprequest\", \"fn-invoke-type\": \"sync\", \"oci-subject-id\": \"ocid1.apigateway.oc1.region-1.abcdef\", \"oci-subject-tenancy-id\": \"ocid1.tenancy.oc1..abcdef1234\", \"oci-subject-type\": \"resource\", \"opc-request-id\": \"/ABCDEF1122F08CD72BCDF9568DA7CC8B/01EMNZAH451BT0H4GZJ000VNEP\", \"x-content-sha256\": \"47DEQpj8HBSa+/TImW+123009abc=\", \"accept-encoding\": \"gzip\"}",
"requestId": "/ABCDEF1122F08CD72BCDF9568DA7CC8B/01EMNZAH451BT0H4GZJ000VNEP",
"src": "STDERR"
},
"id": "ceae7406-f7ba-43c4-ac12-1234",
"oracle": {
"compartmentid": "ocid1.compartment.oc1..12345abcdef",
"ingestedtime": "2020-10-15T11:11:35.802Z",
"loggroupid": "ocid1.loggroup.oci1.region-1.22222abcdef",
"logid": "ocid1.log.oci1.region-1.12345abcdef",
"tenantid": "ocid1.tenancy.oc1..abcdef1234"
},
"source": "HTTP-REQUEST",
"specversion": "1.0",
"subject": "http-request",
"time": "2020-10-15T11:11:35.000Z",
"type": "function message type"
}
Format de journal du service d'événements OCI
Nom de l'analyseur : oci_events_logtype
Exemple de contenu :
{
"data": {
"eventId": "0d06215a-e51b-3616-93c6-123456789abc",
"message": "Event delivered successfully",
"ruleId": "ocid1.eventrule.oc1.abc.abcdef12345678901234567891234567812345678",
"target": "ocid1.stream.oc1.def.abcdef12345678901234567891234567812345698"
},
"id": "9c3cb4e7-e664-4bc7-a7c7-111223344",
"oracle": {
"compartmentid": "ocid1.compartment.abc.1111111111111111111111111111111111122222222222",
"ingestedtime": "2020-09-22T03:03:04.749Z",
"loggroupid": "ocid1.loggroup.oc1.iad.abcdef12345678901234567891234567812345677",
"logid": "ocid1.log.oc1.ghi.abcdef12345678901234567891234567812345678",
"tenantid": "ocid1.tenancy.oc1..aaaaaabcdef12345678901234567891234567812345666"
},
"source": "Stream Create Object events from log bucket to log stream",
"specversion": "1.0",
"time": "2020-09-22T03:02:54.000Z",
"type": "com.oraclecloud.eventsservice.eventrule.ruleexecutionlog"
}
Format de journal d'accès du service de stockage d'objets OCI
Nom de l'analyseur : oci_objectstorage_access_logtype
Exemple de contenu :
{
"data": {
"apiType": "native",
"authenticationType": "instance",
"bucketCreator": "Unknown",
"bucketId": "ocid1.bucket.oc1.abc.abcdef123456789",
"bucketName": "log",
"clientIpAddress": "192.0.2.1",
"compartmentId": "ocid1.compartment.oc1..abcdefg1234568888",
"compartmentName": "compartment_name",
"credentials": "abcdef123456789abcdef",
"eTag": "45385429-904b-4db1-866e-123",
"endTime": "2020-09-29T20:02:31.811Z",
"isPar": false,
"message": "Object retrieved.",
"namespaceName": "namespace_value",
"objectName": "object_name",
"opcRequestId": "iad-1:x-uGtXG5Wdk3abc",
"principalId": "ocid1.instance.oc1.12345",
"principalName": "UnknownPrincipal",
"region": "us-region-1",
"requestAction": "GET",
"requestResourcePath": "/n/namespace_value/b/log/o/object_name",
"startTime": "2020-09-29T20:02:31.787Z",
"statusCode": 200,
"tenantId": "ocid1.tenancy.oc1..6w4ohcbz7otxxy6kd",
"tenantName": "loganprod",
"userAgent": "Oracle-JavaSDK/1.19.3 (Linux/4.14.35-1902.305.4.el7uek.x86_64; Java/1.8.0_251; Java HotSpot(TM) 64-Bit GraalVM EE 19.3.2/25.251-b08-jvmci-20.1-b02-dev)",
"vcnId": "477016"
},
"id": "20919d7c-2d6d-401a-9858-123",
"oracle": {
"compartmentid": "ocid1.compartment.oc1..lxenat5opur",
"ingestedtime": "2020-09-29T20:02:37.678Z",
"loggroupid": "ocid1.loggroup.oc1.gmsmd5c7qmebnsyx7dm",
"logid": "ocid1.log.oc1.iz6lu3innhmdyb6aiamaaaaa",
"tenantid": "ocid1.tenancy.oc1..1234"
},
"source": "log",
"specversion": "1.0",
"subject": "subject value",
"time": "2020-09-29T20:02:31.811Z",
"type": "com.oraclecloud.objectstorage.getobject"
}
Format de journal d'accès de la passerelle d'API OCI
Nom de l'analyseur : oci_api_gw_access_logtype
Exemple de contenu :
{
"data": {
"bodyBytesSent": 22,
"gatewayId": "ocid1.apigateway.oc1.region-1-ocidddddddd",
"httpUserAgent": "curl/7.29.0",
"message": "GET /V1/weather HTTP/1.1",
"opcRequestId": "/12345B88C07D061F8221193082B12345/12345801AEDEEF3BE80938595EEABCDE",
"remoteAddr": "192.0.2.1",
"requestDuration": 0.161,
"requestMethod": "GET",
"requestUri": "/V1/weather",
"serverProtocol": "HTTP/1.1",
"status": 200
},
"id": "571aab5c-f9a9-11ea-a9a1-ABC1234",
"oracle": {
"compartmentid": "ocid1.compartment.oc1..ABC1234OCID",
"ingestedtime": "2020-09-18T12:21:29.526Z",
"loggroupid": "ocid1.loggroup.oc1.region-1.12345ABC1234OCID",
"logid": "ocid1.log.oc1.region-1.AAAABBBB",
"tenantid": "ocid1.tenancy.oc1..AAA11223344"
},
"source": "Weather",
"specversion": "1.0",
"time": "2020-09-18T12:20:29.000Z",
"type": "com.oraclecloud.apigateway.apideployment.access"
}
Format de journal d'exécution de la passerelle d'API OCI
Nom de l'analyseur : oci_api_gw_exec_logtype
Exemple de contenu :
{
"data": {
"code": "httpBackend.requestSent",
"functionId":"ocid1.fnfunc.oc1.region-1.123456",
"gatewayId": "ocid1.apigateway.oc1.region-1.AAA11223355",
"level": "INFO",
"message": "Sending request to upstream",
"opcRequestId": "/0431C52F31E68CE19AD638AAE1B05854/F6D390655FD11520B8566BF5046284CE"
},
"id": "cb851077-f9a8-11ea-a9a1-ABC1234",
"oracle": {
"compartmentid": "ocid1.compartment.oc1..ABC1234OCID",
"ingestedtime": "2020-09-18T12:17:28.699Z",
"loggroupid": "ocid1.loggroup.oc1.region-1.12345ABC1234OCID",
"logid": "ocid1.log.oc1.region-1.AAA11223356",
"tenantid": "ocid1.tenancy.oc1..AAA11223344"
},
"source": "Weather",
"specversion": "1.0",
"time": "2020-09-18T12:16:35.000Z",
"type": "com.oraclecloud.apigateway.apideployment.execution"
}
Format de journal du schéma unifié OCI
Nom de l'analyseur : oci_unifiedschema_logtype
Exemple de contenu :
{
"data": {
},
"id": "571aab5c-f9a9-11ea-a9a1-ABC1234",
"oracle": {
"compartmentid": "ocid1.compartment.oc1..ABC1234OCID",
"ingestedtime": "2020-09-18T12:21:29.526Z",
"loggroupid": "ocid1.loggroup.oc1.region-1.12345ABC1234OCID",
"logid": "ocid1.log.oc1.region-1.AAAABBBB",
"tenantid": "ocid1.tenancy.oc1..AAA11223344"
},
"source": "message source",
"specversion": "1.0",
"time": "2020-09-18T12:20:29.000Z",
"type": "message type"
}
Format de schéma unifié de flux de VCN OCI
Nom de l'analyseur : oci_vcn_flow_unifmt_logtype
Exemple de contenu :
{
"data": {
"action": "ACCEPT",
"bytesOut": 4843,
"destinationAddress": "192.0.2.11",
"destinationPort": 443,
"endTime": 1601204026,
"flowid": "27f8550a",
"packets": 15,
"protocol": 6,
"protocolName": "TCP",
"sourceAddress": "192.0.2.1",
"sourcePort": 46660,
"startTime": 1601204026,
"status": "OK",
"version": "2"
},
"id": "409971d6",
"oracle": {
"compartmentid": "ocid1.compartment.oc1..aaaaaaaaenufxomtrgajc",
"ingestedtime": "2020-09-27T10:54:41.449Z",
"loggroupid": "ocid1.loggroup.oc1.iad.amaaaaaamdyb6aia4clhgcw",
"logid": "ocid1.log.oc1.iad.amaaaaaamdyb6aiaon3xwya2hcrsdnn",
"tenantid": "ocid1.tenancy.oc1..aaaaaaaau6w4ohcbz7otxxy6kdtk",
"vniccompartmentocid": "ocid1.compartment.oc1..aaaaaaaaywgrjl",
"vnicocid": "ocid1.vnic.oc1.iad.abuwcljtw",
"vnicsubnetocid": "ocid1.subnet.oc1.iad.aaaaaaaaz"
},
"source": "ocid1.subnet.oc1.iad.aaaaaaaaz",
"specversion": "1.0",
"subject": "ocid1.vnic.oc1.iad.abuwcljtw",
"time": "2020-09-27T10:53:46.000Z",
"type": "com.oraclecloud.vcn.flowlogs.DataEvent"
}
Format de schéma unifié de vérification OCI
Nom de l'analyseur : oci_audit_unifmt_logtype
Exemple de contenu :
{
"data": {
"additionalDetails": {
"X-Real-Port": 60760
},
"availabilityDomain": "AD1",
"compartmentId": "ocid1.tenancy.uniqueId",
"compartmentName": "emdemo",
"definedTags": null,
"eventGroupingId": "eventGroupingId",
"eventName": "ParseQuery",
"freeformTags": null,
"identity": {
"authType": "fed",
"callerId": null,
"callerName": null,
"consoleSessionId": "consoleSessionId",
"credentials": "***",
"ipAddress": "203.0.113.1",
"principalId": "ocid1.saml2idp.uniqueId",
"principalName": "principalName",
"tenantId": "ocid1.tenancy.uniqueId",
"userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36"
},
"message": "ParseQuery succeeded",
"request": {
"action": "POST",
"headers": {
"Accept": [
"*/*"
],
"Accept-Encoding": [
"gzip, deflate, br"
],
"Accept-Language": [
"en"
],
"Authorization": [
"Signature ***"
],
"Connection": [
"keep-alive"
],
"Content-Length": [
"273"
],
"Content-Type": [
"application/json"
],
"Origin": [
"https://cloud.oracle.com"
],
"Referer": [
"https://cloud.oracle.com/"
],
"Sec-Fetch-Dest": [
"empty"
],
"Sec-Fetch-Mode": [
"cors"
],
"Sec-Fetch-Site": [
"cross-site"
],
"User-Agent": [
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36"
],
"opc-request-id": [
"opc-request-id"
],
"sec-ch-ua": [
"\"Not.A/Brand\";v=\"8\", \"Chromium\";v=\"114\", \"Google Chrome\";v=\"114\""
],
"sec-ch-ua-mobile": [
"?0"
],
"sec-ch-ua-platform": [
"\"macOS\""
],
"x-content-sha256": [
"sha256"
],
"x-date": [
"Fri, 23 Jun 2023 03:25:56 GMT"
]
},
"id": "id",
"parameters": {},
"path": "/20200601/namespaces/resource/search/actions/parse"
},
"resourceId": "resource",
"response": {
"headers": {
"Access-Control-Allow-Credentials": [
"true"
],
"Access-Control-Allow-Origin": [
"https://cloud.oracle.com"
],
"Access-Control-Expose-Headers": [
"opc-previous-page,opc-next-page,opc-client-info,ETag,opc-total-items,opc-request-id,Location"
],
"Content-Length": [
"2407"
],
"Content-Type": [
"application/json"
],
"Date": [
"Fri, 23 Jun 2023 03:25:57 GMT"
],
"Timing-Allow-Origin": [
"https://cloud.oracle.com"
],
"Vary": [
"Origin"
],
"X-Content-Type-Options": [
"nosniff"
],
"X-Frame-Options": [
"SAMEORIGIN"
],
"opc-request-id": [
"opc-request-id"
]
},
"message": null,
"payload": {},
"responseTime": "2023-06-23T03:25:57.342Z",
"status": "200"
},
"stateChange": {
"current": {
"columns": [
{
"displayName": "Log Source",
"internalName": "msrcid",
"isCaseSensitive": false,
"isEvaluable": true,
"isGroupable": true,
"isListOfValues": true,
"isMultiValued": false,
"subSystem": "LOG",
"type": "COLUMN",
"valueType": "STRING"
},
{
"displayName": "Type",
"internalName": "type",
"isCaseSensitive": false,
"isEvaluable": true,
"isGroupable": true,
"isListOfValues": false,
"isMultiValued": false,
"subSystem": "LOG",
"type": "COLUMN",
"valueType": "STRING"
}
],
"commands": [
{
"category": "FILTER",
"displayQueryString": "'Log Source' = 'OCI Audit Logs' and Type like '%logginganalytics%' and Type = com.oraclecloud.logginganalytics.query",
"internalQueryString": "log.msrcid = omc_ociAuditLogSource and log.type like '%logginganalytics%' and log.type = com.oraclecloud.logginganalytics.query",
"isHidden": false,
"name": "SEARCH",
"referencedFields": [
{
"displayName": "Log Source",
"internalName": "msrcid",
"isGroupable": true,
"name": "FIELD",
"originalDisplayNames": [
"Log Source"
],
"valueType": "STRING"
},
{
"displayName": "Type",
"internalName": "type",
"isGroupable": true,
"name": "FIELD",
"originalDisplayNames": [
"Type"
],
"valueType": "STRING"
}
],
"subQueries": []
},
{
"category": "FILTER",
"displayQueryString": "clusterdetails collection = 'dummyId' on h[1:0],u[dummyId2]",
"internalQueryString": "clusterdetails collection = 'dummyId' on h[1:0],u[dummyId2]",
"isHidden": false,
"name": "CLUSTER_DETAILS"
}
],
"displayQueryString": "'Log Source' = 'OCI Audit Logs' and Type like '%logginganalytics%' and Type = com.oraclecloud.logginganalytics.query | clusterdetails collection = 'dummyId' on h[1:0],u[dummyId2]",
"internalQueryString": "log.msrcid = omc_ociAuditLogSource and log.type like '%logginganalytics%' and log.type = com.oraclecloud.logginganalytics.query | clusterdetails collection = 'dummyId' on h[1:0],u[dummyId2]",
"responseTimeInMs": 1
},
"previous": {}
}
},
"dataschema": "2.0",
"id": "id",
"oracle": {
"compartmentid": "ocid1.tenancy.uniqueId",
"ingestedtime": "2023-06-23T03:26:02.913Z",
"loggroupid": "_Audit",
"tenantid": "ocid1.tenancy.uniqueId"
},
"source": "",
"specversion": "1.0",
"time": "2023-06-23T03:25:57.342Z",
"type": "com.oraclecloud.LoggingAnalytics.ParseQuery"
}
{
"data": {
"additionalDetails": null,
"availabilityDomain": "AD3",
"compartmentId": "ocid1.tenancy.oc1..aaaaaaaaa",
"compartmentName": "ociateam",
"definedTags": null,
"eventGroupingId": null,
"eventName": "ListCompartments",
"freeformTags": null,
"identity": {
"authType": "natv",
"callerId": "loganalytics/C5C0E55526E263A3F9111111111111",
"callerName": "loganalytics",
"consoleSessionId": null,
"credentials": "***",
"ipAddress": "192.0.2.1,198.51.100.1",
"principalId": "ocid1.user.oc1..aaaaaaaaea",
"principalName": "Admin User",
"tenantId": "ocid1.tenancy.oc1..aaaaaaaaa",
"userAgent": "Oracle-JavaSDK/2.66.0 (Linux/4.14.35-2047.529.3.2.el7uek.x86_64; Java/17.0.8; Java HotSpot(TM) 64-Bit Server VM/17.0.8+9-LTS-jvmci-21.3-b32)"
},
"message": "ListCompartments succeeded",
"request": {
"action": "GET",
"headers": {
"Accept": [
"application/json"
],
"Connection": [
"keep-alive"
],
"Date": [
"Thu, 26 Oct 2023 20:57:00 GMT"
],
"User-Agent": [
"Oracle-JavaSDK/2.66.0 (Linux/4.14.35-2047.529.3.2.el7uek.x86_64; Java/17.0.8; Java HotSpot(TM) 64-Bit Server VM/17.0.8+9-LTS-jvmci-21.3-b32)"
],
"X-Forwarded-For": [
"192.0.2.254,198.51.100.254"
],
"X-OCI-LB-NetworkMetadata": [
"{\"originalConnection\":{\"sourceIp\":\"192.0.2.84\",\"sourcePort\":57470,\"destinationIp\":\"192.0.2.12\",\"destinationPort\":443,\"protocol\":\"https\"},\"paResourceConnection\":{\"sourceIp\":\"192.0.2.19\",\"sourcePort\":57470,\"destinationIp\":\"192.0.2.12\",\"destinationPort\":443},\"paResource\":{\"ocid\":\"\",\"vcnOcid\":\"ocid1.vcn.oc1.iad.aaaaaaamdyb6aq\"}}"
],
"X-OCI-LB-PrivateAccessMetadata": [
"eyJvcmlnaW5hbENvbm5lAAAAAAAAAAAAAAAAAAAAAA="
],
"X-Real-IP": [
"203.0.113.84"
],
"X-Real-Port": [
"57470"
],
"oci-original-host": [
"identity.us-ashburn-1.oci.oraclecloud.com"
],
"oci-original-url": [
"https://identity.us-ashburn-1.oci.oraclecloud.com/20160918/compartments"
],
"oci-splat-audited": [
"true"
],
"oci-splat-service-operation-id": [
"compartments.ListCompartments"
],
"opc-client-info": [
"Oracle-JavaSDK/2.66.0"
],
"opc-obo-principal": [
"{\"tenantId\":\"ocid1.tenancy.oc1..aaaaaaaaa\",\"subjectId\":\"ocid1.user.oc1..aaaaaaaaea\",\"claims\":[{\"key\":\"pstype\",\"value\":\"natv\",\"issuer\":\"authService.oracle.com\"},{\"key\":\"chain\",\"value\":\"\",\"issuer\":\"authService.oracle.com\"},{\"key\":\"tgt\",\"value\":\"ocid1.tenancy.oc1..aaaaaaaaa\",\"issuer\":\"authService.oracle.com\"},{\"key\":\"tgts\",\"value\":\"[\\\"ocid1.tenancy.oc1..aaaaaaaaa\\\"]\",\"issuer\":\"authService.oracle.com\"},{\"key\":\"name-chain\",\"value\":\"\",\"issuer\":\"authService.oracle.com\"},{\"key\":\"mfa_verified\",\"value\":\"true\",\"issuer\":\"authService.oracle.com\"},{\"key\":\"ptype\",\"value\":\"user\",\"issuer\":\"authService.oracle.com\"},{\"key\":\"ttype\",\"value\":\"obo\",\"issuer\":\"authService.oracle.com\"},{\"key\":\"tgt_name\",\"value\":\"identity\",\"issuer\":\"authService.oracle.com\"},{\"key\":\"own\",\"value\":\"ocid1.tenancy.oc1..aaaaaaaaa\",\"issuer\":\"authService.oracle.com\"},{\"key\":\"tgt_names\",\"value\":\"[\\\"identity\\\"]\",\"issuer\":\"authService.oracle.com\"}]}"
],
"opc-principal": [
"{\"tenantId\":\"ocid1.tenancy.oc1..aaaaaaaaa\",\"subjectId\":\"loganalytics/C5C0E55526AAAA\",\"claims\":[{\"key\":\"opc-instance\",\"value\":\"ocid1.instance.oc1.iad.aaaaaaaa\",\"issuer\":\"authService.oracle.com\"},{\"key\":\"h_date\",\"value\":\"Thu, 26 Oct 2023 20:57:00 GMT\",\"issuer\":\"h\"},{\"key\":\"h_host\",\"value\":\"identity.us-ashburn-1.oci.oraclecloud.com\",\"issuer\":\"h\"},{\"key\":\"svcHostingTenantId\",\"value\":\"ocid1.tenancy.oc1..aaaaaaaaa\",\"issuer\":\"authService.oracle.com\"},{\"key\":\"ttype\",\"value\":\"x509\",\"issuer\":\"authService.oracle.com\"},{\"key\":\"ptype\",\"value\":\"service\",\"issuer\":\"authService.oracle.com\"},{\"key\":\"h_opc-obo-token\",\"value\":\"DUMMY\",\"issuer\":\"h\"},{\"key\":\"authorization\",\"value\":\"Signature ***\",keyId=\\\"DUMMY\\\",algorithm=\\\"rsa-sha256\\\",signature=\\\"*****\\\",version=\\\"1\\\"\",\"issuer\":\"h\"},{\"key\":\"svc\",\"value\":\"loganalytics\",\"issuer\":\"authService.oracle.com\"},{\"key\":\"is_svc\",\"value\":\"true\",\"issuer\":\"authService.oracle.com\"},{\"key\":\"opc-tenant\",\"value\":\"ocid1.tenancy.oc1..aaaaaaaaa\",\"issuer\":\"authService.oracle.com\"},{\"key\":\"opc-compartment\",\"value\":\"ocid1.compartment.oc1..aaaaaaaa\",\"issuer\":\"authService.oracle.com\"},{\"key\":\"h_(request-target)\",\"value\":\"get /20160918/compartments?compartmentId=ocid1.tenancy.oc1..aaaaaaaaa;page=AFUWCLJTAAAAAAAA&limit=1000&accessLevel=ACCESSIBLE&compartmentIdInSubtree=true\",\"issuer\":\"h\"},{\"key\":\"opc-certtype\",\"value\":\"instance\",\"issuer\":\"authService.oracle.com\"},{\"key\":\"fprint\",\"value\":\"C5:C0:77\",\"issuer\":\"authService.oracle.com\"}]}"
],
"opc-request-id": [
"74298AAAAAAAAAAAAAAA"
]
},
"id": "74298AAAAAAAAAAAAAAAAA",
"parameters": {
"accessLevel": [
"ACCESSIBLE"
],
"compartmentId": [
"ocid1.tenancy.oc1..aaaaaaaaa"
],
"compartmentIdInSubtree": [
"true"
],
"limit": [
"1"
],
"page": [
"AAAAAAAAAAJleUpyYVdRaU9pSXpOek13SWtiMzJVR0E="
]
},
"path": "/20160918/compartments"
},
"resourceId": null,
"response": {
"headers": {
"Cache-Control": [
"no-cache, no-store, must-revalidate"
],
"Content-Length": [
"784"
],
"Content-Type": [
"application/json"
],
"Date": [
"Thu, 26 Oct 2023 20:57:00 GMT"
],
"Pragma": [
"no-cache"
],
"opc-limit": [
"1"
],
"opc-next-page": [
"AAAAAAAAAAJleUpyYVdRaU9pSXpOek13SWl3aVpXNWpJam9pUVRJhZnc="
],
"opc-request-id": [
"742986C36DC6/7A39F697849/87DC14D30B3055B7"
]
},
"message": null,
"payload": null,
"responseTime": "2023-10-26T20:57:00.394Z",
"status": "200"
},
"stateChange": {
"current": null,
"previous": null
}
},
"dataschema": "2.0",
"id": "f132bf7a-c3d5-4cdb-b3e4-42344b73d48a",
"oracle": {
"compartmentid": "ocid1.tenancy.oc1..aaaaaaaaa",
"ingestedtime": "2023-10-26T20:57:09.668Z",
"loggroupid": "_Audit",
"tenantid": "ocid1.tenancy.oc1..aaaaaaaaa"
},
"source": "",
"specversion": "1.0",
"time": "2023-10-26T20:57:00.379Z",
"type": "com.oraclecloud.Compartments.ListCompartments"
}
{
"data": {
"additionalDetails": {
"bucketName": "testBucket",
"namespace": "NAMESPACE"
},
"availabilityDomain": "PHX-AD-2",
"compartmentId": "ocid1.tenancy.oc1..aaaaaaaaa",
"compartmentName": "logantest1",
"definedTags": {},
"eventGroupingId": "phx-1:WRk50BSDAZ",
"eventName": "GetBucket",
"freeformTags": {},
"identity": {
"authType": "natv",
"callerId": null,
"callerName": null,
"consoleSessionId": null,
"credentials": "***",
"ipAddress": "192.0.2.16",
"principalId": "ocid1.user.oc1..aaaaaaaa",
"principalName": "manageUser",
"tenantId": "ocid1.tenancy.oc1..aaaaaaaaa",
"userAgent": "Apache-HttpClient/4.5.8 (Java/1.8.0_381)"
},
"message": "Bucket details retrieved.",
"request": {
"action": "GET",
"headers": {
"Accept": [
"application/json"
],
"Accept-Encoding": [
"gzip,deflate"
],
"Authorization": [
"Signature ***"
],
"Connection": [
"Keep-Alive"
],
"User-Agent": [
"Apache-HttpClient/4.5.8 (Java/1.8.0_381)"
],
"date": [
"Thu, 14 Dec 2023 17:59:28 GMT"
],
"host": [
"objectstorage.us-phoenix-1.oraclecloud.com"
]
},
"id": "phx-1:WRk50BSDAZ",
"parameters": {
"fields": [
"approximateCount,approximateSize"
],
"param0": [
"NAMESPACE"
],
"param1": [
"testBucket"
]
},
"path": "/n/NAMESPACE/b/testBucket/?fields=approximateCount%2CapproximateSize"
},
"resourceId": "/n/NAMESPACE/b/testBucket/?fields=approximateCount%2CapproximateSize",
"response": {
"headers": {
"Content-Length": [
"827"
],
"Content-Type": [
"application/json"
],
"access-control-allow-credentials": [
"true"
],
"access-control-allow-methods": [
"POST,PUT,GET,HEAD,DELETE,OPTIONS"
],
"access-control-allow-origin": [
"*"
],
"access-control-expose-headers": [
"access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-length,content-type,date,etag,opc-client-info,opc-request-id,x-api-id"
],
"cache-control": [
"no-store"
],
"date": [
"Thu, 14 Dec 2023 17:59:28 GMT"
],
"etag": [
"b863c403-7b12-4e49-94ca-5555555555AAAA"
],
"opc-request-id": [
"phx-1:WRk50BSDAZ"
],
"x-api-id": [
"native"
]
},
"message": null,
"payload": {
"id": "/n/NAMESPACE/b/testBucket/?fields=approximateCount%2CapproximateSize",
"resourceName": "/n/NAMESPACE/b/testBucket/?fields=approximateCount%2CapproximateSize"
},
"responseTime": "2023-12-14T17:59:28.169Z",
"status": "200"
},
"stateChange": null
},
"dataschema": "2.0",
"id": "b60d4c03-3d70-2e32-f9cf-13b9d87d0a24",
"oracle": {
"compartmentid": "ocid1.tenancy.oc1..aaaaaaaaa",
"ingestedtime": "2023-12-14T17:59:32.486Z",
"loggroupid": "_Audit",
"tenantid": "ocid1.tenancy.oc1..aaaaaaaaa"
},
"source": "testBucket",
"specversion": "1.0",
"time": "2023-12-14T17:59:28.169Z",
"type": "com.oraclecloud.objectstorage.getbucket"
}
{
"data": {
"additionalDetails": {
"actorDisplayName": "Test User6",
"actorOcid": "bbbbbbbbbbbbbbbbbbbbbbbbbb",
"actorType": "User",
"resourceType": "AppRole",
"adminRefResourceName": "G",
"adminRefResourceType": "User",
"adminResourceType": "User",
"test": "test",
"adminAppRoleAppName": "AUTOANALYTICS",
"adminResourceName": "AUTONOMOUS_ANALYTICS_ServiceAdministrator",
"clientIp": "192.0.2.2",
"domainId": "ocid1.domain.oc1..aaa",
"domainName": "idcs-123",
"auditEventMapValue": "{\"schemas\"}",
"domainDisplayName": "Default",
"eventId": "sso.session.create.success",
"hostIp": "198.51.100.18",
"hostName": "idcs-sso-56d",
"message": "Session create success",
"rId": "0:1:6:14",
"ecId": "vm4Cr1w^j00000000",
"reasonValue": "",
"ssoApplicationId": "LoginClient_APPID",
"ssoApplicationName": "IAM LoginClient",
"ssoApplicationType": "APP",
"ssoBrowser": "Firefox",
"ssoCSR": "false",
"ssoComments": "Session create success",
"ssoCompletedFactors": "{USERNAME_PASSWORD=AUTH_SUCCESS}",
"ssoIdentityProvider": "UserNamePassword",
"ssoIdentityProviderType": "LOCAL",
"ssoLocalIp": "192.0.2.1",
"ssoMatchedSignOnPolicy": "DefaultSignOnPolicy",
"ssoMatchedSignOnPolicyName": "Default Sign-On Policy",
"ssoMatchedSignOnRule": "DefaultSignOnRule",
"ssoMatchedSignOnRuleName": "Default Sign-On Rule",
"ssoPlatform": "Mac OS X",
"ssoPolicyObligations": "effect:ALLOW,authenticationFactor:IDP,allowUserToSkip2FAEnrolment:false,2FAFrequency:SESSION,reAuthenticate:false,trustedDevice2FAFrequency:",
"ssoProtectedResource": "https://cloud.oracle.com",
"ssoRp": "LoginClient_APPID",
"ssoSessionCreateTime": "2022-03-09T17:18:33Z",
"ssoSessionExpiryTime": "2022-03-10T01:18:33Z",
"ssoSessionId": "61142895dd5b4d",
"ssoUserAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:97.0) Gecko/20100101 Firefox/97.0",
"idcsCreatedBy": {
"value": "0f7f60294be042b"
},
"idcsLastModifiedBy": {
"value": "0f7f60294be"
},
"adminValuesAdded": {
"authenticationFactors": [
{
"status": "ENROLLED",
"type": "TOTP"
},
{
"publicKey": "DUMMY",
"status": "INPROGRESS",
"type": "PUSH"
}
]
}
},
"availabilityDomain": "AD3",
"compartmentId": "ocid1.tenancy.oc1..aaaaa",
"compartmentName": "cc",
"definedTags": null,
"eventGroupingId": null,
"eventName": "InteractiveLogin",
"freeformTags": null,
"identity": {
"authType": null,
"callerId": null,
"callerName": null,
"consoleSessionId": null,
"credentials": null,
"ipAddress": "192.0.2.64",
"principalId": null,
"principalName": "gstest6",
"tenantId": "ocid1.tenancy.oc1..aa",
"userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:97.0) Gecko/20100101 Firefox/97.0"
},
"message": " InteractiveLogin succeeded",
"request": {
"action": null,
"headers": null,
"id": "DWsez1ESf10000000",
"parameters": null,
"path": null
},
"resourceId": null,
"response": {
"headers": null,
"message": null,
"payload": null,
"responseTime": "2022-03-09T17:18:33.983Z",
"status": null
},
"stateChange": {
"current": null,
"previous": null
}
},
"dataschema": "2.0",
"id": "fd380a65-c887-4d48-8a52-c405c0c96bc4",
"oracle": {
"compartmentid": "ocid1.tenancy.oc1..aaaaa",
"ingestedtime": "2022-03-09T17:18:38.743Z",
"loggroupid": "_Audit",
"tenantid": "ocid1.tenancy.oc1..aaaa"
},
"source": "",
"specversion": "1.0",
"time": "2022-03-09T17:18:33.983Z",
"type": "com.oraclecloud.IdentitySignOn.InteractiveLogin"
}
Format de journal du service de vérification OCI
Nom de l'analyseur : omc_oci_audit_logtype
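Exemple de contenu (dans cet exemple, seule la valeur signature de l'en-tête Authorization est masquée. Le champ credentialId et le keyId de cet en-tête y figurent en entier) :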
{
"tenantId":"ocid1.tenancy.oc1..aaaaaaaagABCDEFGHKUYGASDGADDGADAGADGDAGJDAGGDjiujvy2hjgxvabc",
"compartmentId":"ocid1.tenancy.oc1..aaaaaaaauAADBCISHGDKUHAFFFFFFFFFDDDDDDDDDDDDxjlcnunxo2hbsixyz",
"compartmentName":"mycompname",
"eventId":"762d978e-f995-4208-93cf-af0e97bca529",
"eventName":"GetCapabilities",
"eventSource":"Compartments",
"eventType":"ServiceAPI",
"eventTime":"2019-09-25T15:38:48.784Z",
"principalId":"ocid1.user.oc1..aaaaaaaaabcdefghiklm6hh2fv4szofhnz62nkzdvtalajs3nzvrmcdxyza",
"credentialId":"ST$ABCDEFGHIJKLM3dfb2MxXzIwMTktMDRABCDEFGHIJKLMOiJSUzI1NiJ9eyJzd-p-9SFwuT86c-M5QC8gDZfMJ6u2Wwuu6eb91U7J3xVZdxRIHiloz20wm3JoGww7Q0YwpwV4Zyrub0c0UrW_xyzKLJYBAADYLBD",
"requestAction":"GET",
"requestId":"34d8ed99-e62c-4425-96d3-118ea684/1232AD2DD02E066E005B4A35F8B931E8/17BB11E992A4D540996942C24175C3A1",
"requestAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36",
"requestHeaders":{
"Origin":[
"https://console.us-ashburn-1.oraclecloud.com"
],
"Accept":[
"*/*"
],
"X-Forwarded-Proto":[
"http"
],
"X-Forwarded-Host":[
"identity.us-phoenix-1.oraclecloud.com:80"
],
"User-Agent":[
"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36"
],
"Referer":[
"https://console.us-ashburn-1.oraclecloud.com/a/identity/users/ocid1.user.oc1..aaaaaaaabfABCDEFGHIJKLMN123456789nz62nkzdvtalajs3nzvrmcdqhvq"
],
"Sec-Fetch-Site":[
"same-site"
],
"Accept-Encoding":[
"gzip, deflate, br"
],
"X-Forwarded-Port":[
"80"
],
"x-date":[
"Wed, 25 Sep 2019 15:38:48 GMT"
],
"Sec-Fetch-Mode":[
"cors"
],
"Authorization":[
"Signature keyId=\"ST$eyJraWQiOiJhABNCDEFILUYADLBDUYDADjciLCJhbGciOiJIj.E-p-EE0FzMWBsv_sixzmzbxuasdKJFYKVBLjkPLzH-9SFwuT86c-M5QC8gDZfMJ6u2WwuuasdklhdanaABCDEFGHloz20wm3JoGww7Q0YwpwV4ajsfdkavkdgkbjdVVVVVVVaasdadw\",version=\"1\",algorithm=\"rsa-sha256\",headers=\"(request-target) host x-date\",signature=\"*****\""
],
"Opc-Request-Id":[
"34d8ed99-e62c-4425-96d3-118ea6844100"
],
"X-Forwarded-For":[
"192.0.2.19, 192.0.2.1"
],
"Accept-Language":[
"en-US,en;q=0.9,fr;q=0.8"
],
"Opc-Client-Info":[
"Oracle-HgConsole/0.0.1"
],
"X-Real-IP":[
"192.0.2.1"
],
"oci-original-url":[
"http://identity.us-phoenix-1.oraclecloud.com/20160918/compartments/ocid1.tenancy.oc1..aaaaaaaauj75yrhgABCJKFKALBSDYADTVKDA6e5c7nxlxjlcnAJDGDJAHGDA/capabilities"
]
},
"requestOrigin":"192.0.2.11",
"requestResource":"/20160918/compartments/ocid1.tenancy.oc1..aaaaaaaauj7JAHGDVKADUGashgajssJHGJKDKVSJYTDSVKUDTKSYTSKbs6ca/capabilities",
"responseHeaders":{
"Access-Control-Expose-Headers":[
"opc-previous-page,opc-next-page,opc-client-info,ETag,opc-total-items,opc-request-id,Location"
],
"Cache-Control":[
"no-cache, no-store, must-revalidate"
],
"Access-Control-Allow-Origin":[
"https://console.us-ashburn-1.oraclecloud.com"
],
"Access-Control-Allow-Credentials":[
"true"
],
"Vary":[
"Origin"
],
"Pragma":[
"no-cache"
],
"opc-request-id":[
"34d8ed99-e62c-4425-96d3-118ea684/1232ADABCJASHSDGAS234523234231E8/JADFVADTDATDAD40996942C24175C3A1"
],
"Date":[
"Wed, 25 Sep 2019 15:38:48 GMT"
],
"Content-Type":[
"application/json"
]
},
"responseStatus":"200",
"responseTime":"2019-09-25T15:38:48.851Z",
"responsePayload":{
"resourceName":"logandev",
"id":"ocid1.tenancy.oc1..aaaaaaaauj7RABCDEFGHxktbikwiqtywqdqbbbbbbaaaaaaaaanxo2hbs6ca"
},
"userName":"user100"
}
Version 2 du format de journal du service de vérification OCI
Nom de l'analyseur : omc_oci_audit_logtype_v2
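Exemple de contenu (dans cet exemple, la valeur signature de l'en-tête Authorization est masquée, mais le champ credentials de l'objet identity et le keyId de cet en-tête y figurent en entier) :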
{
"eventType":"com.oraclecloud.virtualNetwork.CreateVcn",
"cloudEventsVersion":"0.1",
"eventTypeVersion":"2.0",
"source":"virtualNetwork",
"eventId":"1fd6329b-6e11-40a5-bb48-b4db04cce956",
"eventTime":"2019-12-08T03:08:53.799Z",
"contentType":"application/json",
"data":{
"eventGroupingId":"csid0234d20c41bcafe8ae4426aa5e56/6c9d69d339e8464598b2d7",
"eventName":"CreateVcn",
"compartmentId":"ocid1.compartment.oc1..aaaaaaaa2bhu3kzsu5jhmsstbf4olwmd",
"compartmentName":"storage",
"availabilityDomain":"AD",
"identity":{
"principalName":"user1",
"principalId":"ocid1.user.oc1..aaaaaaaa36xdrbtaqilj7zqdkfotn2u53kq5a",
"authType":"natf",
"tenantId":"ocid1.tenancy.oc1..aaaaaaaagkbzgg6lpzrf47xzy4rjoxg4de6n",
"credentials":"ABCDEF0123456789",
"userAgent":"Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Firefox/68.0",
"consoleSessionId":"ABCDEF34d20c41bcafe8ae4426aa5e56",
"ipAddress":"192.0.2.1"
},
"request":{
"id":"39e8464598b2d76e3dc9f256/E60985C6435ECBF85AAAABBBCCCCD020",
"path":"/20160918/vcns",
"action":"POST",
"parameters":{
},
"headers":{
"Origin":[
"https://compute.plugins.oci.dummy.com"
],
"Accept":[
"*/*"
],
"User-Agent":[
"Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Firefox/68.0"
],
"Referer":[
"https://compute.plugins.oci.dummy.com/compute/instances/create"
],
"Connection":[
"keep-alive"
],
"Accept-Encoding":[
"gzip, deflate, br"
],
"x-date":[
"Sun, 08 Dec 2019 03:08:53 GMT"
],
"Authorization":[
"Signature keyId=\"ABCDEF0123456789-SZOT-By3-kG5Jgfbu2Zyw4Xq8va6TymkuoPw\",version=\"1\",headers=\"(request-target) host content-length content-type opc-request-id x-date\",signature=\"*****\""
],
"Accept-Language":[
"en-US,en;q=0.5"
],
"Content-Length":[
"231"
],
"opc-request-id":[
"ABCDEF0123456789339e8464598b2d76e3dc9f256"
],
"Content-Type":[
"application/json"
]
}
},
"response":{
"status":"404",
"responseTime":"2019-12-08T03:08:53.799Z",
"headers":{
"Access-Control-Expose-Headers":[
"opc-previous-page,opc-next-page,opc-client-info,ETag,opc-work-request-id,opc-total-items,opc-request-id,Location"
],
"Access-Control-Allow-Origin":[
"https://compute.plugins.oci.oraclecloud.com"
],
"Access-Control-Allow-Credentials":[
"true"
],
"X-Content-Type-Options":[
"nosniff"
],
"Connection":[
"keep-alive"
],
"Content-Length":[
"111"
],
"opc-request-id":[
"ABCDEF0123456789b2d76e3dc9f256/E60985C64112233333B2BA2CB7A8D020"
],
"Date":[
"Sun, 08 Dec 2019 03:08:53 GMT"
],
"Content-Type":[
"application/json"
]
},
"message":"CreateVcn failed with response 'NotAuthorizedOrNotFound'"
},
"stateChange":{
"previous": "previous state",
"current": "current state"
},
"additionalDetails":{
},
"internalDetails":{
}
}
}
Format de journal OCI DevOps
Nom de l'analyseur : oci_devopslog_logtype
Exemple de contenu :
{
"specversion": "1.0",
"type": "com.oraclecloud.devops.deployment",
"source": "Project name",
"subject": "ocid1.instance.oc1.region.uniqueID",
"id": "e3002eaa-d717-472e-8474-d024943a0f27",
"time": "2020-10-18T21:02:40.58Z",
"oracle": {
"logid": "ocid1.log.oc1.region.uniqueID",
"loggroupid": "ocid1.loggroup.oc1.region.uniqueID",
"tenantid": "ocid1.tenant.oc1.region.uniqueID",
"compartmentid": "ocid1.compartment.oc1.region.uniqueID",
"ingestedtime": "2020-10-18T21:02:40.58Z"
},
"data": {
"deploymentId": "ocid1.devopsdeployment.oc1.region.uniqueID",
"deployPipelineId": "ocid1.devopsdeploypipeline.oc1.region.uniqueID",
"deployStageId": "ocid1.devopsdeploystage.oc1.region.uniqueID",
"message": "Manual Approval stage: Waiting for required approvals",
"producer": "DEVOPS_SERVICE"
}
}
Format de journal de compilation OCI DevOps
Nom de l'analyseur : oci_devopsbuild_logtype
Exemple de contenu :
{
"specversion": "1.0",
"type": "com.oraclecloud.devops.build",
"source": "project name",
"subject": "ocid1.devopsbuildrun.oc1.region.uniqueID",
"id": "27868e6f-b91d-4318-868e-6fb91d9318e9",
"time": "2020-10-18T21:02:40.58Z",
"oracle": {
"logid": "ocid1.log.oc1.region.uniqueID",
"loggroupid": "ocid1.loggroup.oc1.region.uniqueID",
"tenantid": "ocid1.tenancy.oc1.uniqueID",
"compartmentid": "ocid1.compartment.oc1.uniqueID",
"ingestedtime": "2020-10-18T21:02:40.58Z"
},
"data": {
"buildPipelineId": "ocid1.devopsbuildpipeline.oc1.region.uniqueID",
"buildRunId": "ocid1.devopsbuildrun.oc1.region.uniqueID",
"buildStageId": "ocid1.devopsbuildpipelinestage.oc1.region.uniqueID",
"message": "Starting BUILD_SPEC_EXECUTION",
"producer": "DEVOPS_SERVICE"
}
}
Format de journal du service de transmission de messages pour OCI
Nom de l'analyseur : oci_emaildelivery_logtype
Exemple de contenu :
{
"specversion": "1.0",
"type": "com.oraclecloud.emaildelivery.emaildomain.outboundrelayed",
"source": "example.com",
"time": "2021-02-20T09:01:40.000Z",
"id": "2eefd817-0a53-4be0-990c-224708aff337",
"oracle": {
"logid": "ocid1.log.oc1.region.uniqueID"
},
"data": {
"action": "relay",
"messageId": "12345",
"sender": "support@example.com",
"senderCompartmentId": "ocid1.compartment.oc1.region.uniqueID",
"senderId": "ocid1.emailsender.oc1.region.uniqueID",
"recipient": "user@example.com",
"receivingDomain": "example.com",
"sourceAddress": "192.0.2.10",
"dkimSelector": "selector1",
"messageSizeInKiB": 2,
"recipientMailServer": "bmta.email.region.oraclecloud.com (198.51.100.1)",
"internalProcessingDurationInMs": 20,
"tlsCipher": "TLS_AES_128_GCM_SHA256",
"sendingPoolName": "REGOCIVMTAs",
"bounceCategory": "bad-mailbox",
"bounceCode": "5.1.1",
"reportGeneratedTime": "2021-02-24T22:50:22.123Z",
"originalMessageAcceptedTime": "2021-02-23T22:50:22.123Z",
"headers": {
"X-Campaign-ID": "campaign1",
"Recipient-Group-ID": "group1",
"Sub-Account-ID": "account1"
},
"errorType": "Authorization failure",
"smtpStatus": "550 5.1.1 unknown or illegal alias: 974-4710-b440-52e9e1a70cb8-user@example.com",
"message": "Email approved Body From address: support@example.com is not authorized or not found"
}
}
Format de journal du RPV site-à-site OCI
Nom de l'analyseur : oci_site2sitevpn_logtype
Exemple de contenu :
{
"data":
{
"message":" \"2062988354_1\": terminating SAs using this connection",
"tunnelId":"ocid1.ipsectunnel.oc1.region.uniqueID"
},
"id":"e3002eaa-d717-472e-8474-d024943a0f27",
"oracle":
{
"compartmentid":"ocid1.compartment.oc1.region.uniqueID",
"ingestedtime":"2021-02-18T18:22:01.453Z",
"loggroupid":"ocid1.loggroup.oc1.region.uniqueID",
"logid":"ocid1.log.oc1.region.uniqueID",
"tenantid":"ocid1.tenancy.oc1.region..uniqueID"
},
"source":"ocid1.ipsecconnection.oc1.region.uniqueID",
"specversion":"1.0",
"time":"2021-02-18T18:21:52.024Z",
"type":"com.oraclecloud.vpn.ipseclog.read"
}
Format de journal WAF pour OCI
Nom de l'analyseur : oci_waf_logtype
Exemple de contenu :
{
"data": {
"backendStatusCode": "200",
"clientAddr": "192.0.2.150",
"countryCode": "us",
"host": "hostnamefoo",
"listenerPort": "80",
"request": {
"httpVersion": "HTTP/1.1",
"id": "685e4e2015eb0ebeea93123456789",
"method": "GET",
"path": "/?tst=KztAAU"
},
"requestAccessControl": {
"matchedRules": "block_test_host_url"
},
"requestProtection": {
"matchedData": "Matched Data: KztAAU found within ARGS:tst",
"matchedIds": "944210_v001",
"matchedRules": "Java_Code_Injection"
},
"response": {
"code": "401",
"size": "303"
},
"responseAccessControl": {
"matchedRules": "1st_rule"
},
"responseProtection": {},
"responseProvider": "requestProtection/Java_Code_Injection",
"timestamp": "2021-09-29T15:52:47Z"
},
"id": "5c328018-f7d1-45ac-8d66-af0ad919bd85-waf-342734",
"oracle": {
"compartmentid": "ocid1.compartment.oc1.region.uniqueId",
"ingestedtime": "2021-09-29T15:52:53.764Z",
"loggroupid": "ocid1.loggroup.oc1.region.uniqueId",
"logid": "ocid1.log.oc1.region.uniqueId",
"resourceid": "ocid1.webappfirewall.oc1.region.uniqueId",
"tenantid": "ocid1.tenancy.oc1.region.uniqueId"
},
"source": "lbwaf_source",
"specversion": "1.0",
"subject": "",
"time": "2021-09-29T15:52:47.875Z",
"type": "com.oraclecloud.loadbalancer.waf"
}
Format du journal d'accélération d'application Web OCI
Nom de l'analyseur : oci_waa_logtype
Exemple de contenu :
{
"data":{
"request":{
"id":"727b8fabcc23662a8ad3754d4a3573f2"
},
"response":{
"code":"200",
"size":"73805"
},
"timestamp":"2023-08-14T05:40:24+00:00"
},
"id":"6cf12c5a-846f-4394-b882-861c5b698032-waa-192433",
"oracle":{
"compartmentid":"ocid1.compartment.oc1.uniqueId",
"ingestedtime":"2023-08-14T05:40:33.086Z",
"loggroupid":"ocid1.loggroup.oc1.uniqueId",
"logid":"ocid1.log.oc1.uniqueId",
"resourceid":"ocid1.loadbalancer.oc1.uniqueId",
"tenantid":"ocid1.tenancy.oc1.uniqueId"
},
"source":"fortLB",
"specversion":"1.0",
"subject":"",
"time":"2023-08-14T05:40:24.526Z",
"type":"com.oraclecloud.loadbalancer.waa"
}
Format de journal de flux de données d'activités d'intégration OCI
Nom de l'analyseur : oci_integration_actstream_logtype
Exemple de contenu :
{
"data": {
"actionName": "log2",
"actionType": "Logger",
"operationName": "execute",
"endpointName": "helloWorld",
"instanceId": "65202025",
"executionTimeInMillis":"1",
"integrationFlowIdentifier": "HELLO_WORLD!01.02.0000",
"message": "Length of parameter is 4",
"executedTime": "2022-05-16T11:27:35.529Z",
"userId": "user@domain.com"
},
"id": "38c5cc58-f9f6-11eb-bee4-0200170046fa",
"oracle": {
"compartmentid": "ocid1.compartment.oc1.region.uniqueID",
"ingestedtime": "2021-07-10T16:16:01.527Z",
"loggroupid": "ocid1.loggroup.oc1.region.uniqueID",
"logid": "ocid1.log.oc1.region.uniqueID",
"tenantid": "ocid1.tenancy.oc1.region.uniqueID"
},
"source": "HelloWorld Integration Instance",
"specversion": "1.0",
"time": "2021-07-10T16:15:59.469Z",
"type": "com.oraclecloud.integration.integrationinstance.activitystream"
}
{
"data": {
"actionType": "Mapper",
"eventId": "1_zAm9E9Ee6tSucceuQmKw",
"executedTime": "2024-02-22T04:50:04.194Z",
"instanceId": "1-95vdE9Ee6Hir23lD2fqw",
"integrationFlowIdentifier": "ORCL-R-INCREM-VARIAB-INSIDE_LOOP!01.00.0001",
"message": "Data Mapping completed",
"opcRequestId": "I9XVQUC5CA4CGWXAV5F29K1VHVUOIZEL/68GOQ6F5KURAHS582H267VBP3WDASFGY/F1F4R5W4ICL3SW57QMSMXENU7PR39IUE",
"projectCode": "ORCL-R-INCREM-VARIAB-INSIDE_LOOP",
"userId": "l2serviceadmin"
},
"id": "d7fcc09c-d13d-11ee-ad4a-35862ed56130",
"oracle": {
"compartmentid": "ocid1.compartment.uniqueID",
"ingestedtime": "2024-02-22T04:50:19.406Z",
"loggroupid": "ocid1.loggroup.uniqueID",
"logid": "ocid1.log.uniqueID",
"tenantid": "ocid1.tenancy.uniqueID"
},
"source": "ocid1.integrationinstance.uniqueID",
"specversion": "1.0",
"time": "2024-02-22T04:50:19.000Z",
"type": "com.oraclecloud.integration.integrationinstance.activitystream"
}
{
"data": {
"eventId": "1_xLZNE9Ee6tSucceuQmKw",
"executedTime": "2024-02-22T04:50:04.191Z",
"instanceId": "1-95vdE9Ee6Hir23lD2fqw",
"key": "first Name",
"message": "variable",
"opcRequestId": "I9XVQUC5CA4CGWXAV5F29K1VHVUOIZEL/68GOQ6F5KURAHS582H267VBP3WDASFGY/F1F4R5W4ICL3SW57QMSMXENU7PR39IUE",
"userId": "l2serviceadmin",
"value": "John"
},
"id": "d7fc4b66-d13d-11ee-ad4a-35862ed56130",
"oracle": {
"compartmentid": "ocid1.compartment.uniqueID",
"ingestedtime": "2024-02-22T04:50:19.406Z",
"loggroupid": "ocid1.loggroup.uniqueID",
"logid": "ocid1.log.uniqueID",
"tenantid": "ocid1.tenancy.uniqueID"
},
"source": "ocid1.integrationinstance.uniqueID",
"specversion": "1.0",
"time": "2024-02-22T04:50:19.000Z",
"type": "com.oraclecloud.integration.integrationinstance.activitystream"
}
Format du journal des menaces du pare-feu de réseau OCI
Nom de l'analyseur : oci_network_firewall_threat_logtype
Exemple de contenu :
{
"data": {
"action": "alert",
"device_name": "PA-VM",
"direction": "server-to-client",
"dst": "192.0.2.250",
"dstloc": "192.0.2.1-192.0.2.254",
"dstuser": "no-value",
"firewall-id": "ocid1.networkfirewall.oc1.region.uniqueID",
"proto": "udp",
"receive_time": "2022/10/18 14:27:15",
"rule": "AllowAll",
"sessionid": "613924",
"severity": "informational",
"src": "203.0.113.1",
"srcloc": "United States",
"srcuser": "no-value",
"subtype": "vulnerability",
"thr_category": "protocol-anomaly",
"threatid": "Non-RFC Compliant DNS Traffic on Port 53/5353"
},
"id": "ab991b1b-286a-4968-b1a2-77b31bf0fa12",
"oracle": {
"compartmentid": "ocid1.tenancy.oc1.region.uniqueID",
"ingestedtime": "2022-10-18T14:27:37.295Z",
"loggroupid": "ocid1.loggroup.oc1.region.uniqueID",
"logid": "ocid1.log.oc1.region.uniqueID",
"tenantid": "ocid1.tenancy.oc1.region.uniqueID"
},
"source": "ocid1.networkfirewall.oc1.region.uniqueID",
"specversion": "1.0",
"time": "2022-10-18T14:27:15.000Z",
"type": "com.oraclecloud.networkfirewall.threat"
}
Format de journal du trafic du pare-feu de réseau OCI
Nom de l'analyseur : oci_network_firewall_traffic_logtype
Exemple de contenu :
{
"data": {
"action": "allow",
"bytes": "588",
"bytes_received": "0",
"bytes_sent": "588",
"chunks": "0",
"chunks_received": "0",
"chunks_sent": "0",
"config_ver": "2561",
"device_name": "PA-VM",
"dport": "0",
"dst": "192.0.2.2",
"dstloc": "India",
"firewall-id": "ocid1.networkfirewall.oc1.region.uniqueID",
"packets": "6",
"pkts_received": "0",
"pkts_sent": "6",
"proto": "icmp",
"receive_time": "2022/08/27 08:00:52",
"rule": "AllowAll",
"rule_uuid": "ce6bc5b0-3ea8-4592-85f6-b470c4702e1f",
"serial": "192743405F7D70D",
"sessionid": "32114",
"sport": "0",
"src": "198.51.100.10",
"srcloc": "198.51.100.1-198.51.100.254",
"time_received": "2022/08/27 08:00:52"
},
"id": "5e905ffe-a528-420d-a9df-7b1b2c221cdf",
"oracle": {
"compartmentid": "ocid1.tenancy.oc1.region.uniqueID",
"ingestedtime": "2022-08-27T08:00:56.004Z",
"loggroupid": "ocid1.loggroup.oc1.region.uniqueID",
"logid": "ocid1.log.oc1.region.uniqueID",
"tenantid": "ocid1.tenancy.oc1.region.uniqueID"
},
"source": "ocid1.networkfirewall.oc1.region.uniqueID",
"specversion": "1.0",
"time": "2022-08-27T08:00:52.000Z",
"type": "com.oraclecloud.networkfirewall.traffic"
}
Format de journal du tunnel du pare-feu de réseau OCI
Nom de l'analyseur : oci_network_firewall_tunnel_inspection_logtype
Exemple de contenu :
{
"data": {
"action": "allow",
"app": "vxlan",
"bytes": "58385",
"bytes_received": "0",
"bytes_sent": "58385",
"device_name": "PA-VM",
"dport": "4789",
"dst": "10.0.30.53",
"dstloc": "10.0.0.0-10.255.255.255",
"firewall-id": "ocid1.networkfirewall.oc1.us-sanjose-1.UniqueID",
"max_encap": "0",
"monitortag": "1135037",
"packets": "31",
"parent_session_id": "0",
"parent_start_time": "no-value",
"pkts_received": "0",
"pkts_sent": "31",
"proto": "udp",
"receive_time": "2024/10/16 05:28:02",
"rule": "allow-all",
"seqno": "7342599UniqueID",
"serial": "UniqueID",
"sessionid": "34687",
"sport": "0",
"src": "10.0.200.254",
"srcloc": "10.0.0.0-10.255.255.255",
"strict_check": "0",
"tunnel": "tunnel",
"tunnel_fragment": "0",
"tunnel_insp_rule": "allow-tunnel-inspect-rule",
"tunnelid": "1135037",
"unknown_proto": "0"
},
"id": "a664a3ce-ba22-4b33-UniqueID",
"oracle": {
"compartmentid": "ocid1.compartment.oc1..UniqueID",
"ingestedtime": "2024-10-16T05:29:28.543Z",
"loggroupid": "ocid1.loggroup.oc1.us-sanjose-1.UniqueID",
"logid": "ocid1.log.oc1.us-sanjose-1..UniqueID",
"tenantid": "ocid1.tenancy.oc1..UniqueID"
},
"source": "ocid1.networkfirewall.oc1.us-sanjose-1..UniqueID",
"specversion": "1.0",
"time": "2024-10-16T05:28:02.000Z",
"type": "com.oraclecloud.networkfirewall.tunnel"
}
Format de journal du moteur de mémoire cache OCI
Nom de l'analyseur : oci_cache_engine_logtype
Exemple de contenu :
{
"data": {
"level": "WARNING",
"message": "Cluster state changed: fail",
"node": "UniqueID",
"role": "M"
},
"id": "UniqueID",
"oracle": {
"compartmentid": "ocid1.compartment.oc1..UniqueID",
"ingestedtime": "2024-09-16T08:46:07.963Z",
"loggroupid": "ocid1.loggroup.oc1.ap-mumbai-1.UniqueID",
"logid": "ocid1.log.oc1.ap-mumbai-1.UniqueID",
"tenantid": "ocid1.tenancy.oc1..UniqueID"
},
"source": "ocid1.rediscluster.oc1.ap-mumbai-1.UniqueID",
"specversion": "1.0",
"time": "2024-09-16T08:46:01.574Z",
"type": "com.oraclecloud.oci-cache.cluster.engine-logs"
}
{
"data": {
"level": "VERBOSE",
"message": "Reading from client: (null)",
"node": "amaaaaaaumb6i5aafh7UniqueID",
"role": "M"
},
"id": "3e666a30-852c-4e9d-UniqueID",
"oracle": {
"compartmentid": "ocid1.compartment.oc1..aaaaaaaUniqueID",
"ingestedtime": "2024-10-08T02:30:26.281Z",
"loggroupid": "ocid1.loggroup.oc1.ap-mumbai-1.amaaaaaUniqueID",
"logid": "ocid1.log.oc1.ap-mumbai-1.amaaaaaaumUniqueID",
"tenantid": "ocid1.tenancy.oc1..aaaaaaaaicizkujlUniqueID"
},
"source": "ocid1.rediscluster.oc1.ap-mumbai-1.amaaaaaaUniqueID",
"specversion": "1.0",
"time": "2024-10-08T02:30:23.737Z",
"type": "com.oraclecloud.oci-cache.cluster.engine-logs"
}
Format de journal de chiffrement du service de gestion des clés OCI
Nom de l'analyseur : oci_key_mgmt_crypto_log_format
Exemple de contenu :
{
"data": {
"clientIpAddress": "192.168.0.100",
"keyVersionId": "ocid1.keyversion.oc1.eu-frankfurt-1..UniqueID",
"opcRequestId": "5ADC5251BB4B470C928B74FC21aaaaaa",
"principalId": "ocid1.instance.oc1.eu-frankfurt-1.UniqueID",
"requestAction": "ENCRYPT",
"statusCode": 200
},
"id": "3ace7f3a-d9a7-428f-UniqueID",
"oracle": {
"compartmentid": "ocid1.compartment.oc1..UniqueID",
"ingestedtime": "2025-03-06T18:40:45.584Z",
"loggroupid": "ocid1.loggroup.oc1.eu-frankfurt-1.UniqueID",
"logid": "ocid1.log.oc1.eu-frankfurt-1.amaaaaaanUniqueID",
"tenantid": "ocid1.tenancy.oc1..aaaaaaaazUniqueID"
},
"source": "ocid1.vault.oc1.eu-frankfurt-1.cUniqueID",
"specversion": "1.0",
"subject": "ocid1.key.oc1.eu-frankfurt-1.UniqueID",
"time": "2025-03-06T18:40:26.735Z",
"type": "com.oraclecloud.keymanagementservice.vault.crypto.encrypt"
}
Format de journal de diagnostic d'Oracle Access Governance Cloud Service
Nom de l'analyseur : oci_agcs_diagnostic_log_format
Exemple de contenu :
{
"data": {
"logGroup": "idm-agcs-caas-campaign",
"message": "Insights/ML service failed to respond within 4 hours",
"objectId": "ocid1.agcscampaign.oc1.iad.amaaaaaaeUniqueID",
"objectName": "SKS-T17-UniqueID organization AMACLEAD Apr 29, 2025, 1:27:43 PM - Clone",
"opcRequestId": "425DDC863B38C49985AUniqueID",
"ownerId": "globalId.7e51e122-4a6e-448b-a8a5-1a3UniqueID",
"ownerUsername": "sampleuser@oracle.COM",
"reasonCode": "INSIGHTS_EVENT_NOT_RECEIVED",
"reasonMsg": "Insights/ML service failed to respond within 4 hours for campaignId=ocid1.agcscampaign.oc1.iad.amaaaaaaUniqueID, serviceId=ocid1.agcsgovernanceinstance.oc1.iad.amaaaaaaebkbezqaaeta3yUniqueID, tenantId=ocid1.tenancy.oc1..aaaaaaaazp2vvUniqueID",
"state": "SYSTEM_ABORTED"
},
"id": "cfbe31e4-2765-4aa0-af41-UniqueID",
"oracle": {
"compartmentid": "ocid1.compartment.oc1..aaaaaaaaUniqueID",
"ingestedtime": "2025-04-29T10:46:40.900Z",
"loggroupid": "ocid1.loggroup.oc1.iad.amaaaaaaeUniqueID",
"logid": "ocid1.log.oc1.iad.amaaaaaaeUniqueID",
"tenantid": "ocid1.tenancy.oc1..aaaaaaaaUniqueID"
},
"source": "knp-dev-4-oct-4",
"specversion": "1.0",
"subject": "ocid1.agcsgovernanceinstance.oc1.iad.amaaaaaaUniqueID",
"time": "2025-04-29T10:46:33.840Z",
"type": "com.oraclecloud.agcs.agcsgovernanceinstance.abnormalclosure"
}
Format de journal du résolveur DNS privé OCI
Nom de l'analyseur : oci_dns_resolver_logtype
Exemple de contenu :
{
"data": {
"additionalCount": 1,
"answer": "[A 127.0.0.1]",
"answerCount": 1,
"authorityCount": 1,
"dataschema": "1.1",
"destinationAddress": "127.0.0.1",
"destinationPort": "53",
"latency": 1,
"messageId": 55293,
"path": "private",
"protocol": "udp",
"qclass": "IN",
"qname": "UniqueID-1.oraclecloud.com.",
"qtype": "AAAA",
"rcode": "0",
"rcodeName": "NOERROR",
"sourceAddress": "127.0.0.1",
"sourcePort": 33207,
"ttl": 10
},
"id": "197315-1747075455-UniqueID",
"oracle": {
"compartmentid": "ocid1.compartment.oc1..aaaaaaaaUniqueID",
"ingestedtime": "2025-05-12T18:45:37Z",
"loggroupid": "ocid1.loggroup.oc1.iad.amaaaaaaUniqueID",
"logid": "ocid1.log.oc1.iad.amaaaaaaUniqueID",
"resourceType": "dns.privateResolver",
"tenantid": "ocid1.tenancy.oc1..aaaaaaaaUniqueID",
"vcnId": "ocid1.vcn.oc1.iad.amaaaaaaUniqueID",
"viewId": "ocid1.dnsview.oc1.iad.amaaaaaaUniqueID"
},
"source": "ocid1.dnsresolver.oc1.iad.amaaaaaaUniqueID",
"specversion": "1.0",
"time": "2025-05-12T18:44:15.382Z",
"type": "com.oraclecloud.dns.private.resolver"
}
{
"data": {
"additionalCount": 1,
"answer": "[A 127.0.0.1] [A 127.0.0.2] [A 127.0.0.3] [A 127.0.0.4] [A 127.0.0.5] [A 127.0.0.6]",
"answerCount": 6,
"authorityCount": 0,
"dataschema": "1.1",
"destinationAddress": "127.0.0.7",
"destinationPort": "53",
"latency": 1,
"messageId": 37396,
"path": "internet",
"protocol": "udp",
"qclass": "IN",
"qname": "sample.com.",
"qtype": "A",
"rcode": "0",
"rcodeName": "NOERROR",
"sourceAddress": "127.0.0.8",
"sourcePort": 55063,
"ttl": 221
},
"id": "222966-1750169114-UniqueID",
"oracle": {
"compartmentid": "ocid1.compartment.oc1..aaaaaaaUniqueID",
"ingestedtime": "2025-06-17T14:06:14.692Z",
"loggroupid": "ocid1.loggroup.oc1.iad.amaaaaaaUniqueID",
"logid": "ocid1.log.oc1.iad.amaaaaaaUniqueID",
"resourceType": "dns.privateResolver",
"tenantid": "ocid1.tenancy.oc1..aaaaaaaakUniqueID",
"vcnId": "ocid1.vcn.oc1.iad.amaaaaaaUniqueID"
},
"source": "ocid1.dnsresolver.oc1.iad.amaaaaaaUniqueID",
"specversion": "1.0",
"time": "2025-06-17T14:05:14.280Z",
"type": "com.oraclecloud.dns.private.resolver"
}
{
"data": {
"additionalCount": 1,
"answer": "[A 127.0.0.1]",
"answerCount": 1,
"authorityCount": 0,
"dataschema": "1.1",
"destinationAddress": "127.0.0.1",
"destinationPort": "53",
"latency": 1,
"messageId": 56118,
"path": "private",
"protocol": "udp",
"qclass": "IN",
"qname": "www.oraclecloud.com.",
"qtype": "A",
"rcode": "0",
"rcodeName": "NOERROR",
"sourceAddress": "127.0.0.1",
"sourcePort": 48919,
"ttl": 30
},
"id": "164900-1747079910-UniqueID",
"oracle": {
"compartmentid": "ocid1.compartment.oc1..aaaaaaUniqueID",
"ingestedtime": "2025-05-12T19:59:06.756Z",
"loggroupid": "ocid1.loggroup.oc1.iad.amaaaaaaUniqueID",
"logid": "ocid1.log.oc1.iad.amaaaaaaUniqueID",
"resourceType": "dns.privateResolver",
"tenantid": "ocid1.tenancy.oc1..aaaaaaaaUniqueID",
"vcnId": "ocid1.vcn.oc1.iad.amaaaaaakUniqueID",
"viewId": "ocid1.dnsview.oc1.iad.amaaaaaakUniqueID"
},
"source": "ocid1.dnsresolver.oc1.iad.amaaaaaUniqueID",
"specversion": "1.0",
"time": "2025-05-12T19:58:30.569Z",
"type": "com.oraclecloud.dns.private.resolver"
}
Format de journal de l'infrastructure OCI Compute Cloud@Customer
Nom de l'analyseur : oci_ccc_infra_logtype
Exemple de contenu :
{
"data": {
"source": "ocid1.cccinfrastructure.oc1.iad.amaaaaaaclsUniqueID",
"sourcetype": "com.oraclecloud.ccc.cccinfrastructure",
"actorId": "ocid1.user.oc1.us-sanjose-1.1zorar9smauUniqueID",
"actorType": "USER",
"message": "GetInstance succeeded",
"opcRequestId": "8a08e5a335269d54cUniqueID5/3f4793d8-07df-419c-UniqueIDf/adf8e13b-61ab-4d9b-UniqueID",
"requestMethod": "GET",
"requestPath": "/20160918/instances/ocid1.cccinstance.oc1.us-sanjose-1.iaoz2d4mnqq.amaaaaaanl2niUniqueID",
"requestUri": "/20160918/instances/ocid1.cccinstance.oc1.us-sanjose-1.iaoz2d4mnqq.amaaaaaaUniqueID",
"success": "1",
"summary": "GetInstance"
},
"id": "773d65fc-7344-4c58-8369-UniqueID",
"oracle": {
"compartmentid": "ocid1.tenancy.oc1..aaaaaaaaUniqueID",
"ingestedtime": "2025-04-29T07:56:05.489Z",
"loggroupid": "ocid1.loggroup.oc1.us-sanjose-1.amaaaaaaUniqueID",
"logid": "ocid1.log.oc1.us-sanjose-1.amaaaaaanUniqueID",
"tenantid": "ocid1.tenancy.oc1..aaaaaaaaUniqueID"
},
"source": "iaoz2d4mnqq",
"specversion": "1.0",
"id": "e8d8a8a2-5cba-41ed-a752-UniqueID",
"time": "2025-04-29T06:56:09.721Z",
"type": "com.oraclecloud.ccc.cccinfrastructure.log"
}
{
"specversion": "1.0",
"source": "dki5jrune5q",
"type": "com.oraclecloud.ccc.cccinfrastructure.log",
"id": "e8d8a8a2-5cba-41ed-a752-UniqueID",
"time": "2025-09-02T06:48:43.594Z",
"data": {
"actorId": "ocid1.user.oc1..aaaaaaaaqUniqueID",
"actorType": "USER",
"message": "ListImages succeeded.",
"opcRequestId": "/23927376-777b-4feb-b76c-UniqueID/da8d0e7a-85a2-4641-bae3-UniqueID",
"requestMethod": "GET",
"requestPath": "/20160918/images",
"requestUri": "",
"source": "ocid1.cccinfrastructure.oc1.iad.amaaaaaakUniqueID",
"sourcetype": "com.oraclecloud.ccc.cccinfrastructure",
"success": "200 OK",
"summary": "GET /20160918/images 200 OK"
},
"oracle": {
"logid": "ocid1.log.oc1.iad.amaaaaaaUniqueID"
}
}
Format de journal de la gestion des dépendances d'application OCI
Nom de l'analyseur : oci_adm_logtype
Exemple de contenu :
{
"data": {
"level": "INFO",
"message": "Creating the vulnerability audit.",
"remediationRunId": "ocid1.admremediationrun.uniqueId",
"stage": "DETECT"
},
"id": "347e5759-65d1-428c-bfcb-uniqueId",
"oracle": {
"compartmentid": "ocid1.compartment.uniqueId",
"ingestedtime": "2023-11-28T10:58:15.307Z",
"loggroupid": "ocid1.loggroup.uniqueId",
"logid": "ocid1.log.uniqueId",
"tenantid": "ocid1.tenancy.uniqueId"
},
"source": "ocid1.admremediationrecipe.uniqueId",
"specversion": "1.0",
"time": "2023-11-28T10:58:13.699Z",
"type": "com.oraclecloud.adm.remediationrecipe.remediationrecipelogs"
}
Format du journal d'accès à l'application d'apprentissage automatique du service de science des données pour OCI
Nom de l'analyseur : oci_ds_ml_app_access_logtype
Exemple de contenu :
{
"data": {
"message": "/instance/ocid1.datasciencemlappinstanceint.oc1.iad.amaaaaaaUniqueID/predictionUseCase/Canary",
"opcRequestId": "canary-prediction-request/A0B53FDCBUniqueID/80UniqueID",
"predictionUseCase": "Canary",
"requestSize": 2,
"responseDurationMillis": 112,
"responseSize": 29,
"status": 200,
"upstreamOpcRequestId": "canary-prediction-request/A0B53FDCB4B1E3F1D2UniqueID/1EC6CA6188EDD8293BBFUniqueID",
"upstreamResponseDurationMillis": 63,
"upstreamStatus": 200
},
"id": "08da1849-8f0e-4529-8f1c-UniqueID",
"oracle": {
"compartmentid": "ocid1.compartment.oc1..aaaaaaaasjsidtonUniqueID",
"ingestedtime": "2025-11-27T12:08:59.054Z",
"loggroupid": "ocid1.loggroup.oc1.iad.amaaaaaaUniqueID",
"logid": "ocid1.log.oc1.iad.amaaaaaasolc3naarwglUniqueID",
"tenantid": "ocid1.tenancy.oc1..aaaaaaaanapiblgj6UniqueID"
},
"source": "Canary Prediction IAM ML-Application-Implementation",
"specversion": "1.0",
"time": "2025-11-27T12:08:53.508Z",
"type": "com.oraclecloud.datascience.mlapplication.access"
}
Format de journal des ressources du pipeline du service de science des données pour OCI
Nom de l'analyseur : oci_ds_ppl_res_logtype
Exemple de contenu :
{
"data": {
"message": "Step dataflow is ACCEPTED, lifecycle details: Starting run submission."
},
"id": "d83e7511-8546-48b5-UniqueID",
"oracle": {
"compartmentid": "ocid1.compartment.oc1..aaaaaaaavUniqueID",
"ingestedtime": "2026-02-12T00:33:10.864Z",
"loggroupid": "ocid1.loggroup.oc1.iad.amaaaaaayUniqueID",
"logid": "ocid1.log.oc1.iad.amaaaaaayUniqueID",
"tenantid": "ocid1.tenancy.oc1..aaaaaaaafUniqueID"
},
"source": "ocid1.datasciencepipelinerun.oc1.iad.amaaaaaayUniqueID",
"specversion": "1.0",
"subject": "dataflow",
"time": "2026-02-12T00:33:03.046Z",
"type": "com.oraclecloud.datascience.pipeline.pipelinerunlog"
}
Format de journal de mise en cache WAF pour la périphérie de réseau OCI
Nom de l'analyseur : oci_edge_waf_caching_logtype
Exemple de contenu :
{"upstream_response_time":"-","request_xff":"127.0.0.1","country_name":"France","ml_waf_training_trusted":"","cache_status":"-","ze_lua_version":"7.2.1.49","zen_captcha_action":null,"clientip":"138.1.33.162","runtime_layer_name":"runtime","upstream_connect_time":"-","upstream_header_time":"-","hostname":"lhr-waf-edge-node-UniqueID","upstream_http_content_type":"-","request_length":94,"origin_header_time":"-","referrer":"-","origin_connect_time":"-","request":"/ab25.php","upstream_http_accept_ranges":"-","host":"app.wafdemo.online","country_code":"FR","upstream_addr":"-","upstream_response_code":"","upstream_http_content_range":"-","@version":"1","fingerprint":"-","xff_set_to":"","upstream_http_server":"-","ml_waf":"","upstream_http_expires":"-","request_time":0.002,"response_headers":"","http_expires":"-","@timestamp":"2020-05-07T08:31:11.000Z","upstream_http_x_xss_protection":"-","modsec_stopwatch":"{}","ml_waf_score":"","origin_response_time":"-","upstream_http_transfer_encoding":"-","upstream_http_last_modified":"-","agent":"ApacheBench/2.3","upstream_http_cache_control":"-","timestamp":"07/May/2020:08:31:11 +0000","request_raw_header":"GET /ab25.php HTTP/1.0\r\nHost: app.wafdemo.online\r\nUser-Agent: ApacheBench/2.3\r\nAccept: */*\r\n\r\n","origin_status":"-","upstream_http_via":"-","webapp_domain":"app.wafdemo.online","upstream_http_x_content_type_options":"-","ml_waf_training_malicious":"","type":"caching_logs","log_processor_host":"waf-lp-UniqueID","request_location":"48.81620,2.31393","response":403,"bytes":1275,"upstream_http_x_powered_by":"-","response_body_size":947,"request_id":"2020-05-07T08:31:11Z|8b33914958|127.0.0.1|km0Se7cNcw","ml_waf_vector":"","http_request":{"headers":"{\"host\":\"app.wafdemo.online\",\"x-forwarded-for\":\"127.0.0.1\",\"user-agent\":\"ApacheBench\\/2.3\",\"accept\":\"*\\/*\",\"x-country-code\":\"FR\",\"x-client-ip\":\"127.0.0.1 
\"}"},"request_body_size":"","zen_lua_modules":null,"tags":["caching_logs","bucket"],"http_cache_control":"-","upstream_http_connection":"-","auth":"-","upstream_http_content_encoding":"-","verb":"GET","ml_waf_ri":"","ml_waf_model_id":"","nginx_config_template":"sys_v36","scheme":"http","log_type":"caching_logs","httpversion":"1.0"}Format de journal Lua pour OCI Edge WAF
Nom de l'analyseur : oci_edge_waf_lua_logtype
Exemple de contenu :
{"hostname":"zrh-waf-edge-node-14-prod","log_type":"lua_logs","client_ip":"138.1.33.162","webapp_domain":"app.wafdemo.online","@timestamp":"39:03.000Z","log_processor_host":"waf-lp-extlogstash38-UniqueID","ze_lua_version":"7.2.1.49","type":"threat_logs","host":"app.wafdemo.online","@version":"1","tags":["lua_logs","bucket"],"response_code":404,"action":"bypassed","http_request":{"x-forwarded-for":"130.61.50.95","all":"{\"host\":\"app.wafdemo.online\",\"x-forwarded-for\":\"130.61.50.95\",\"user-agent\":\"ApacheBench\\/2.3\",\"accept\":\"*\\/*\",\"x-country-code\":\"DE\",\"x-client-ip\":\"130.61.50.95\"}","verb":"GET","user-agent":"ApacheBench/2.3","url":"/54requests_whitelist.php","http_version":"1.0"},"geoip":{"latitude":50.11552,"country_code2":"DE","country_name":"Germany","location":"50.11552,8.68417","longitude":8.68417},"request_id":"39:03Z|UniqueID|130.61.50.95|UniqueID"}
{"hostname":"zrh-waf-edge-node-UniqueID","log_type":"lua_logs","client_ip":"130.61.50.95","webapp_domain":"app.wafdemo.online","@timestamp":"39:08.000Z","log_processor_host":"waf-lp-extlogstash38-c01-usqas3","ze_lua_version":"7.2.1.49","type":"threat_logs","host":"app.wafdemo.online","@version":"1","tags":["lua_logs","bucket"],"response_code":404,"action":"bypassed","http_request":{"x-forwarded-for":"130.61.50.95","all":"{\"host\":\"app.wafdemo.online\",\"x-forwarded-for\":\"130.61.50.95\",\"user-agent\":\"ApacheBench\\/2.3\",\"accept\":\"*\\/*\",\"x-country-code\":\"DE\",\"x-client-ip\":\"130.61.50.95\"}","verb":"GET","user-agent":"ApacheBench/2.3","url":"/54requests_whitelist.php","http_version":"1.0"},"geoip":{"latitude":50.11552,"country_code2":"DE","country_name":"Germany","location":"50.11552,8.68417","longitude":8.68417},"request_id":"39:08Z|UniqueID|130.61.50.95|UniqueID"}
Format de journal d'OCI Analytics Cloud (OAC)
Nom de l'analyseur : oci_analytics_cloud_logtype
Exemple de contenu :
{
"specversion": "1.0",
"time": "2023-01-09T17:52:20.040Z",
"id": "1078402f-3db0-40f4-83cc-f76c356a8cfe",
"source": "oacservicelog",
"type": "com.oraclecloud.analytics.analyticsinstance.audit",
"oracle": {
"logid": "ocid1.log.oc1.iad.UniqueID"
},
"data": {
"userId": "f9de0c081be148018f5d5799afa9d951",
"category": "settings",
"message": "Social provider configuration updated.",
"ecid": "eff61089-6089-4e8a-8753-707cac23c589-0010c63f",
"logLevel": "info",
"additionalDetails": {
"status": "active",
"previousStatus": "active"
}
}
}
{
"data": {
"additionalDetails": {},
"category": "query",
"ecid": "aaaaaaaa-1111-bbbb-2222-cccccc333333-dddd4444",
"logLevel": "info",
"message": "--------------------Physical Query Summary Stats: Number of physical queries 1, Cumulative time 0.000, DB-connect
time 0.000 (seconds)\n",
"userId": "aa11bb22cc33dUniqueID",
"ipAddress": "192.168.1.1"
},
"id": "11111111-aaaa-2222-UniqueID",
"oracle": {
"compartmentid": "ocid1.tenancy.oc1..aaaaaaUniqueID",
"ingestedtime": "2022-08-16T10:53:33.099Z",
"loggroupid": "ocid1.loggroup.oc1.me-dubai-1.aaaa1111bbbbUniqueID",
"logid": "ocid1.log.oc1.me-dubai-1.aaaa1111bbbb3333vvvv4444wwww5555xxxx6666yyyy7777zzzz8888aaaa",
"tenantid": "ocid1.tenancy.oc1..aaaaaaaaaa111111UniqueID"
},
"source": "MyOACInstance",
"specversion": "1.0",
"time": "2022-08-16T10:53:24.533Z",
"type": "com.oraclecloud.analytics.analyticsinstance.diagnostic"
}
{
"data": {
"additionalDetails": {},
"category": "query",
"ecid": "aaaaaaaa-1111-bbbb-2222-cccccc333333-dddd4444",
"logLevel": "info",
"message": "-------------------- Rows 470, bytes 7520 retrieved from database query id: <<97850>>,
physical request hash 0 \n","userId": "aa11bb22cc33dUniqueID",
"ipAddress": "192.168.1.1"
},
"id": "11111111-aaaa-2222-UniqueID",
"oracle": {
"compartmentid": "ocid1.tenancy.oc1..aaaaaaUniqueID",
"ingestedtime": "2022-08-16T10:53:33.099Z",
"loggroupid": "ocid1.loggroup.oc1.me-dubai-1.aaaa1111bbbbUniqueID",
"logid": "ocid1.log.oc1.me-dubai-1.aaaa1111bbbbUniqueID",
"tenantid": "ocid1.tenancy.oc1..aaaaaaaaaa111111UniqueID"
},
"source": "MyOACInstance",
"specversion": "1.0",
"time": "2022-08-16T10:53:06.246Z",
"type": "com.oraclecloud.analytics.analyticsinstance.diagnostic"
}
{
"data": {
"additionalDetails": {
"path": "/users/john.smith@example.com/Worklife Balance",
"type": "data visualization workbook"
},
"category": "catalog",
"ecid": "aaaaaaaa-1111-bbbb-2222-cccccc333333-dddd4444",
"logLevel": "info",
"message": "Data Visualization Workbook (Worklife Balance) properties updated.",
"userId": "aa11bb22cc33dUniqueID",
"ipAddress": "192.168.1.1"
},
"id": "11111111-aaaa-2222-UniqueID",
"oracle": {
"compartmentid": "ocid1.tenancy.oc1..aaaaaaUniqueID",
"ingestedtime": "2022-08-16T11:01:01.507Z",
"loggroupid": "ocid1.loggroup.oc1.me-dubai-1.aaaa1111bbbbUniqueID",
"logid": "ocid1.log.oc1.me-dubai-1.aaaa1111bbbb33UniqueID",
"tenantid": "ocid1.tenancy.oc1..aaaaaaaaaa111111UniqueID"
},
"source": "MyOACInstance",
"specversion": "1.0",
"time": "2022-08-16T11:00:31.611Z",
"type": "com.oraclecloud.analytics.analyticsinstance.audit"
}
{
"data": {
"additionalDetails": {
"snapshotSizeInBytes": "948999",
"source": "console"
},
"category": "snapshot",
"ecid": "aaaaaaaa-1111-bbbb-2222-cccUniqueID",
"logLevel": "info",
"message": "Snapshot 'MyFirstSnapshot' created.",
"userId": "aa11bb22cc33dd44UniqueID",
"ipAddress": "192.168.1.1"
},
"id": "11111111-aaaa-2222-bbbUniqueID",
"oracle": {
"compartmentid": "ocid1.tenancy.oc1..aaaaaa111111UniqueID",
"ingestedtime": "2022-08-16T11:01:01.507Z",
"loggroupid": "ocid1.loggroup.oc1.me-dubai-1.aaaa1111bUniqueID",
"logid": "ocid1.log.oc1.me-dubai-1.aaaa1111bbbbUniqueID",
"tenantid": "ocid1.tenancy.oc1..aaaaaaaaaa1111UniqueID"
},
"source": "MyOACInstance",
"specversion": "1.0",
"time": "2022-08-16T11:00:31.611Z",
"type": "com.oraclecloud.analytics.analyticsinstance.audit"
}