Working with Amazon S3 Bucket Logging
How to enable Amazon S3 Bucket Logging
An Amazon S3 bucket can be configured to create access log records for the requests made against it.
An access log record contains details about the request such as the request type, the resource with which
the request worked, and the time and date that the request was processed. Server access logs give bucket
owners insight into the nature of requests made by clients not under their control.
By default, server access logs are not collected for a bucket.
With S3 Browser you can easily turn on Amazon S3 Bucket Logging.
To enable Amazon S3 Bucket Logging:
1. Select the Bucket you want to enable logging for and click Buckets -> Edit Logging Settings.
Click Buckets -> Edit Logging Settings to Edit Bucket Logging Settings
2. Bucket Logging Settings dialog will appear:
Bucket Logging Settings Dialog allows you to specify logging settings
Turn on Enable logging for bucket checkbox. Then you need to specify Target Bucket
and Target Prefix.
Target Bucket - defines the bucket, where log files will be stored. Target Bucket should be in the same region as Source Bucket.
If you want to use the same bucket for log files, we recommend to specify Target Prefix, including trailing slash, to keep log files in
subdirectory and avoid mixing log files with other files.
You may select existing bucket from drop-down list,
or specify new bucket name and it will be created automatically.
Target Prefix - defines a prefix for the keys that the delivered log files will be stored under.
For example if you want to use one bucket to keep log files from multiple source buckets, you may use Target Prefix
to define subdirectories for each buckets' log files, i.e. Bucket1-logs/, Bucket2-logs/.
Click OK to apply bucket logging settings
3. Click the OK button to save bucket logging settings.
Please note, that log files does not appear immediately. There is some delay between the time when
request was made and when it will appear in the logs.
To disable Amazon S3 Bucket Logging
1. Select the bucket, you want to disable logging for.
2. Click Buckets->Edit Logging Settings
Bucket Logging Settings Dialog will appear:
How to disable Amazon S3 bucket logging
3. Turn off Enable logging for bucket checkbox.
4. Click the OK button to save changes.
Amazon S3 Server Access Log Format
The log files consist of a sequence of new-line delimited log records.
Below is an example of typical entries from Amazon S3 Server Access Logs.
314423094967345b38a76d76d78c678b4 bucket_name [14/Nov/2010:13:53:47 +0000] 126.96.36.199 Anonymous 3E43423453A12F47 REST.GET.OBJECT s3browser/2.4.5/s3browser-2-4-5.exe "GET /s3browser/2.4.5/s3browser-2-4-5.exe HTTP/1.1" 200 - 543664 543664 116 96 "http://s3browser.com/download.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Chrome/7.0.517.44 Safari/534.7" -
314423094967345b38a76d76d78c678b4 bucket_name [14/Nov/2010:13:53:59 +0000] 188.8.131.52 Anonymous 3E43423453A12F47 REST.GET.OBJECT s3browser/2.4.7/s3browser-2-4-7.exe "GET /s3browser/2.4.7/s3browser-2-4-7.exe HTTP/1.1" 200 - 289897 289897 50 44 "http://s3browser.com/download.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Chrome/7.0.517.44 Safari/534.7" -
Each log record represents one request and consists of space delimited fields described in the following table:
||The canonical user id of the owner of the source bucket.
||The name of the bucket that the request was processed against.
||The time at which the request was received.
||The apparent Internet address of the requester.
||The canonical user id of the requester, or the string "Anonymous" for unauthenticated requests.
||The request ID is a string generated by Amazon S3 to uniquely identify each request.
||Either SOAP.operation or REST.HTTP_method.resource_type.
||The "key" part of the request, URL encoded, or "-" if the operation does not take a key parameter.
||"GET /s3browser/2.4.5/s3browser-2-4-5.exe HTTP/1.1"
||The Request-URI part of the HTTP request message.
||The numeric HTTP status code of the response.
||The Amazon S3 Error Code, or "-" if no error occurred.
||The number of response bytes sent, excluding HTTP protocol overhead, or "-" if zero.
||The total size of the object in question.
||The number of milliseconds the request was in flight from the server's perspective.
||The number of milliseconds that Amazon S3 spent processing your request.
||The value of the HTTP Referrer header, if present.
||"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
||The value of the HTTP User-Agent header.
||The version ID in the request, or "-" if the operation does not take a versionId parameter.