PHP 如何使用 AWS SDK 读取 cloudTrail 日志
How to read cloudTrail logs using AWS SDK in PHP
我是 AWS SDK API 的新手。
我有一个 s3 存储桶 (my-bucket) 供我的客户端从那里下载文件。
每当我的客户端从 "my-bucket".
下载文件时,我有一个 Trail(my-trail) 用于将日志传送到另一个 s3 bucket(my-bucket-logs)
我想从 "my-bucket-logs" 读取日志并将它们保存在我的 CMS 中以生成各种报告。是否可以获取日志?我试过下面的 PHP 代码。我不确定这段代码是否正确。
require 'vendor/autoload.php';
$config = [
'version' => 'latest',
'region' => 'us-east-1',
'key' => MY_AWS_KEY,
'secret' => MY_AWS_SECRETE
];
$s3client = new Aws\S3\S3Client($config);
$trailClient = new Aws\CloudTrail\CloudTrailClient($config);
$result = $trailClient->lookupEvents([
'EndTime' => time(),
'LookupAttributes' => [
[
'AttributeKey' => 'eventName',// 'get', // REQUIRED
'AttributeValue' => 'ListObjects' //get', // REQUIRED
],
// ...
],
'MaxResults' => 1000
//'NextToken' => '<string>',
//'StartTime' => '01/12/2017',
]);
print_r($result);
出现此错误:
PHP Fatal error: Uncaught exception 'Aws\CloudTrail\Exception\CloudTrailException' with message 'Error executing "LookupEvents" on "https://cloudtrail.us-east-1.amazonaws.com"; AWS HTTP error: Client error: `POST https://cloudtrail.us-east-1.amazonaws.com` resulted in a `400 Bad Request` response:
{"__type":"InvalidLookupAttributesException","Message":"You cannot perform a lookup on this attribute key: EventId|Event (truncated...)
InvalidLookupAttributesException (client): You cannot perform a lookup on this attribute key: EventId|EventName|Username|ResourceType|ResourceName|EventSource - {"__type":"InvalidLookupAttributesException","Message":"You cannot perform a lookup on this attribute key: EventId|EventName|Username|ResourceType|ResourceName|EventSource"}'
exception 'GuzzleHttp\Exception\ClientException' with message 'Client error: `POST https://cloudtrail.us-east-1.amazonaws.com` resulted in a `400 Bad Request` response:
{"__type":"InvalidLookupAttributesException","Message":"You cannot perform a lookup on this attribu in /home/shahid/webroot/shahid/aws/sdk/vendor/aws/aws-sdk-php/src/WrappedHttpHandler.php on line 191
是否可以在 PHP 中使用 AWS SDK API 获取日志?
我可以从 s3 存储桶中读取日志。这只是从 s3 存储桶本身下载文件的问题,我使用 Aws\CloudTrail\CloudTrailClient.
搞砸了
<?php
/**
* Copyright 2010-2017 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* This file is licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License. A copy of
* the License is located at
*
* http://aws.amazon.com/apache2.0/
*
* This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the
* specific language governing permissions and limitations under the License.
*/
require 'vendor/autoload.php';
use Aws\S3\S3Client;
use Aws\Exception\AwsException;
/**
* Get/Download an Object from Amazon S3.
*
* This code expects that you have AWS credentials set up per:
* http://docs.aws.amazon.com/aws-sdk-php/v3/guide/guide/credentials.html
*/
$bucket = "my-bucket-logs";
$key = "xxxxxxxxxx";
$filePath = "my-log-files.json";
try {
$result = $s3Client->getObject(array(
'Bucket' => $bucket
,'Key' => $key
,'SaveAs' => $filePath
));
} catch (S3Exception $e) {
echo $e->getMessage() . "\n";
}
我是 AWS SDK API 的新手。
我有一个 s3 存储桶 (my-bucket) 供我的客户端从那里下载文件。 每当我的客户端从 "my-bucket".
下载文件时,我有一个 Trail(my-trail) 用于将日志传送到另一个 s3 bucket(my-bucket-logs)我想从 "my-bucket-logs" 读取日志并将它们保存在我的 CMS 中以生成各种报告。是否可以获取日志?我试过下面的 PHP 代码。我不确定这段代码是否正确。
require 'vendor/autoload.php';
$config = [
'version' => 'latest',
'region' => 'us-east-1',
'key' => MY_AWS_KEY,
'secret' => MY_AWS_SECRETE
];
$s3client = new Aws\S3\S3Client($config);
$trailClient = new Aws\CloudTrail\CloudTrailClient($config);
$result = $trailClient->lookupEvents([
'EndTime' => time(),
'LookupAttributes' => [
[
'AttributeKey' => 'eventName',// 'get', // REQUIRED
'AttributeValue' => 'ListObjects' //get', // REQUIRED
],
// ...
],
'MaxResults' => 1000
//'NextToken' => '<string>',
//'StartTime' => '01/12/2017',
]);
print_r($result);
出现此错误:
PHP Fatal error: Uncaught exception 'Aws\CloudTrail\Exception\CloudTrailException' with message 'Error executing "LookupEvents" on "https://cloudtrail.us-east-1.amazonaws.com"; AWS HTTP error: Client error: `POST https://cloudtrail.us-east-1.amazonaws.com` resulted in a `400 Bad Request` response:
{"__type":"InvalidLookupAttributesException","Message":"You cannot perform a lookup on this attribute key: EventId|Event (truncated...)
InvalidLookupAttributesException (client): You cannot perform a lookup on this attribute key: EventId|EventName|Username|ResourceType|ResourceName|EventSource - {"__type":"InvalidLookupAttributesException","Message":"You cannot perform a lookup on this attribute key: EventId|EventName|Username|ResourceType|ResourceName|EventSource"}'
exception 'GuzzleHttp\Exception\ClientException' with message 'Client error: `POST https://cloudtrail.us-east-1.amazonaws.com` resulted in a `400 Bad Request` response:
{"__type":"InvalidLookupAttributesException","Message":"You cannot perform a lookup on this attribu in /home/shahid/webroot/shahid/aws/sdk/vendor/aws/aws-sdk-php/src/WrappedHttpHandler.php on line 191
是否可以在 PHP 中使用 AWS SDK API 获取日志?
我可以从 s3 存储桶中读取日志。这只是从 s3 存储桶本身下载文件的问题,我使用 Aws\CloudTrail\CloudTrailClient.
搞砸了<?php
/**
* Copyright 2010-2017 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* This file is licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License. A copy of
* the License is located at
*
* http://aws.amazon.com/apache2.0/
*
* This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the
* specific language governing permissions and limitations under the License.
*/
require 'vendor/autoload.php';
use Aws\S3\S3Client;
use Aws\Exception\AwsException;
/**
* Get/Download an Object from Amazon S3.
*
* This code expects that you have AWS credentials set up per:
* http://docs.aws.amazon.com/aws-sdk-php/v3/guide/guide/credentials.html
*/
$bucket = "my-bucket-logs";
$key = "xxxxxxxxxx";
$filePath = "my-log-files.json";
try {
$result = $s3Client->getObject(array(
'Bucket' => $bucket
,'Key' => $key
,'SaveAs' => $filePath
));
} catch (S3Exception $e) {
echo $e->getMessage() . "\n";
}