Last updated：2020-10-22 10:56:28
You can use the event logs recorded by ActionTrail to detect security issues in your Kingsoft Cloud account or resources. For example, ActionTrail records all logins of your account, including the login time, login IP address, and whether multi-factor authentication (MFA) is used. With the records, you can determine whether your account has security issues.
###Resource change tracing
You can use the event logs recorded by ActionTrail to detect anomalous changes made to your resources. For example, if one of your Kingsoft Cloud Elastic Compute (KEC) instances is shut down, you can use ActionTrail to find the operator, time, and source IP address of the shutdown operation.
If your organization has multiple members and you are using the Identity and Access Management (IAM) service of Kingsoft Cloud to manage these members, you must record operations of all the members to meet compliance auditing requirements. In this case, you can use ActionTrail to record operations of all the members and use the event logs generated by ActionTrail to perform compliance auditing.
Did you find the above information helpful?
Please give us your feedback.
Thank you for your feedback.