Politiques créées lors de l'intégration de Logging Analytics
En tant que nouvel utilisateur, si vous voulez commencer à utiliser Oracle Logging Analytics, dans le menu de la console OCI, naviguez jusqu'à Observabilité et gestion, cliquez sur Logging Analytics, puis cliquez sur Démarrer à l'aide de Logging Analytics dans la page d'intégration. L'assistant crée automatiquement des politiques pour activer Oracle Logging Analytics et configurer la collecte des journaux de vérification OCI.
Les politiques suivantes sont créées :
- logging_analytics_automatic_service_policies
Cette politique sert à activer Oracle Logging Analytics et comprend les énoncés suivants :
define tenancy sampledata as <sampledata_tenancy_OCID> endorse group Administrators to read loganalytics-features-family in tenancy sampledata endorse group Administrators to read loganalytics-resources-family in tenancy sampledata endorse group Administrators to read compartments in tenancy sampledata allow service loganalytics to READ loganalytics-features-family in tenancy allow service loganalytics to READ compartments in tenancy - logging_analytics_automatic_ingestion_policies
La politique sert à configurer la collecte des journaux de vérification OCI et comprend les énoncés suivants :
allow service loganalytics to {EVENTRULE_READ} in tenancy allow service loganalytics to {LOAD_BALANCER_READ} in tenancy allow service loganalytics to {BUCKET_READ} in tenancy allow service loganalytics to read functions-family in tenancy allow service loganalytics to read api-gateway-family in tenancy allow service loganalytics to {VNIC_READ} in tenancy allow service loganalytics to {APPROVED_SENDER_READ} in tenancy allow service loganalytics to {IPSEC_CONNECTION_READ} in tenancy allow service loganalytics to {WEB_APP_FIREWALL_READ} in tenancy allow service loganalytics to read operator-control-family in tenancy allow service loganalytics to {NETWORK_FIREWALL_READ} in tenancy allow service loganalytics to {DEVOPS_DEPLOYMENT_READ} in tenancy allow service loganalytics to {DEVOPS_DEPLOY_PIPELINE_READ} in tenancy allow service loganalytics to {DEVOPS_DEPLOY_STAGE_READ} in tenancy allow service loganalytics to {APM_DOMAIN_READ} in tenancy allow service loganalytics to {SERVICE_CONNECTOR_READ} in tenancy allow service loganalytics to {DATAFLOW_APPLICATION_READ} in tenancy allow service loganalytics to {MEDIA_WORKFLOW_READ} in tenancy allow service loganalytics to {MEDIA_WORKFLOW_JOB_READ} in tenancy allow service loganalytics to {CLUSTER_READ} in tenancy allow service loganalytics to {GOLDENGATE_DEPLOYMENT_READ} in tenancy allow any-user to {LOG_ANALYTICS_LOG_GROUP_UPLOAD_LOGS} in compartment id <compartment_OCID> where all {request.principal.type='serviceconnector', target.loganalytics-log-group.id='<target_log_group_OCID>',request.principal.compartment.id='<compartment_OCID>'}