1
00:00:00,520 --> 00:00:01,353
‫So let's go ahead

2
00:00:01,353 --> 00:00:02,910
‫and practice S3 access logs.

3
00:00:02,910 --> 00:00:05,290
‫And for this, I'm going to create an S3 access logs

4
00:00:05,290 --> 00:00:08,410
‫to find V3 buckets.

5
00:00:08,410 --> 00:00:12,620
‫And then I will go ahead and create that bucket.

6
00:00:12,620 --> 00:00:14,807
‫So that bucket is going to be our logging bucket,

7
00:00:14,807 --> 00:00:17,380
‫and I'm going to keep this open here.

8
00:00:17,380 --> 00:00:21,080
‫And in another tab, I'm going to take one of my buckets

9
00:00:21,080 --> 00:00:26,080
‫that I've created and then I'm going to enable the logging.

10
00:00:26,130 --> 00:00:27,500
‫So I just took one bucket,

11
00:00:27,500 --> 00:00:29,800
‫but whatever bucket you want for you really.

12
00:00:29,800 --> 00:00:32,100
‫I will go on Properties

13
00:00:32,100 --> 00:00:33,940
‫and then I will scroll down

14
00:00:33,940 --> 00:00:37,490
‫and look for "Server access logging."

15
00:00:37,490 --> 00:00:38,890
‫So we edit it,

16
00:00:38,890 --> 00:00:41,570
‫and we are going to enable server access logging.

17
00:00:41,570 --> 00:00:43,090
‫So as we can see when we do so,

18
00:00:43,090 --> 00:00:45,520
‫the bucket policy will be updated

19
00:00:45,520 --> 00:00:48,350
‫in the target buckets, okay?

20
00:00:48,350 --> 00:00:49,510
‫So where we want to log.

21
00:00:49,510 --> 00:00:52,870
‫So for the target bucket, we're going to browse Amazon S3

22
00:00:52,870 --> 00:00:57,100
‫and then we choose the S3 access logs to find V3 buckets.

23
00:00:57,100 --> 00:00:59,080
‫I save the change

24
00:00:59,080 --> 00:01:04,080
‫and now my S3 server access logging is enabled.

25
00:01:04,840 --> 00:01:06,990
‫So now what I can do is I can go to my objects,

26
00:01:06,990 --> 00:01:09,030
‫I can click on this one,

27
00:01:09,030 --> 00:01:12,180
‫I can maybe open it back into my bucket,

28
00:01:12,180 --> 00:01:14,510
‫I can go in it and I can upload a file.

29
00:01:14,510 --> 00:01:17,700
‫So add a file and it'll be for example, my beach.jpg.

30
00:01:17,700 --> 00:01:20,550
‫So you can do a lot of things in your bucket,

31
00:01:20,550 --> 00:01:23,980
‫and all of this is going generate activity.

32
00:01:23,980 --> 00:01:26,440
‫And this activity is going to be logged

33
00:01:26,440 --> 00:01:28,630
‫into your logging buckets.

34
00:01:28,630 --> 00:01:31,600
‫Now, if I refresh, as you can see, nothing happens yet.

35
00:01:31,600 --> 00:01:33,620
‫That's because it takes a little bit of time

36
00:01:33,620 --> 00:01:38,260
‫for your access logs to go into your logging buckets.

37
00:01:38,260 --> 00:01:39,760
‫But what we can do in the meantime

38
00:01:39,760 --> 00:01:41,690
‫is have a look at the permissions.

39
00:01:41,690 --> 00:01:45,940
‫Because when we enabled the server bucket,

40
00:01:45,940 --> 00:01:48,760
‫so when we're right here, the server access logging,

41
00:01:48,760 --> 00:01:50,020
‫when we enabled it,

42
00:01:50,020 --> 00:01:53,200
‫it was saying that the bucket policy will be updated.

43
00:01:53,200 --> 00:01:54,130
‫So let's verify that.

44
00:01:54,130 --> 00:01:57,530
‫We can scroll down and we have the bucket policy right here.

45
00:01:57,530 --> 00:02:01,800
‫And indeed, yes, the bucket policy was updated

46
00:02:01,800 --> 00:02:05,160
‫to allow the logging service of Amazon S3

47
00:02:05,160 --> 00:02:09,010
‫to put objects into these buckets.

48
00:02:09,010 --> 00:02:10,110
‫So this is pretty good.

49
00:02:10,110 --> 00:02:12,250
‫So now what we have to do

50
00:02:12,250 --> 00:02:13,750
‫is go back into our buckets

51
00:02:13,750 --> 00:02:16,440
‫and wait for the first logs to be sent.

52
00:02:16,440 --> 00:02:18,730
‫So it took a couple of hours, but I just refreshed,

53
00:02:18,730 --> 00:02:22,350
‫and in my bucket, I see a lot of files now, objects,

54
00:02:22,350 --> 00:02:25,760
‫and these have been created directly for my access log.

55
00:02:25,760 --> 00:02:29,460
‫So I can click on one of them and I can open it for example.

56
00:02:29,460 --> 00:02:32,050
‫And in here, I'm able to see, well, what happened?

57
00:02:32,050 --> 00:02:34,500
‫And this is quite hard to decipher, okay?

58
00:02:34,500 --> 00:02:37,450
‫But it gives you the API call, the success rate,

59
00:02:37,450 --> 00:02:39,910
‫who accessed it, what bucket it was,

60
00:02:39,910 --> 00:02:42,780
‫at what time and the lot of information.

61
00:02:42,780 --> 00:02:46,060
‫So, okay, that's for S3 access logs.

62
00:02:46,060 --> 00:02:49,060
‫I hope you liked it, and I will see you in the next lecture.