How to Configure Amazon S3 Bucket Logging. Amazon S3 Access Logs Format. Amazon S3 Logging.
S3 Browser
Free Windows Client for Amazon S3 and Amazon CloudFront

Working with Amazon S3 Bucket Logging

How to enable Amazon S3 Bucket Logging

An Amazon S3 bucket can be configured to create access log records for the requests made against it. An access log record contains details about the request such as the request type, the resource with which the request worked, and the time and date that the request was processed. Server access logs give bucket owners insight into the nature of requests made by clients not under their control.

By default, server access logs are not collected for a bucket.

With S3 Browser you can easily turn on Amazon S3 Bucket Logging.

To enable Amazon S3 Bucket Logging:

1. Select the Bucket you want to enable logging for and click:

Buckets, Edit Logging Settings

Click buckets, edit logging settings

Click Buckets, Edit Logging Settings or use the Ctrl+G keyboard shortcut.

The Bucket Logging Settings dialog will open:

enable amazon s3 bucket logging

Bucket Logging Settings Dialog allows you to specify logging settings

2. Tick the Enable logging for [bucket-name] checkbox and specify Target Bucket and folder.

Target bucket and folder - defines the bucket and optinal folder, where log files will be stored. Target Bucket should be in the same region as Source Bucket.

If you would like to use the same bucket for log files, we recommend to specify the folder as well to keep log files in separate folder and avoid mixing log files with other files.

You may enter destination bucket and optional folder manually or use the Browse for Folder dialog to select destination bucket and folder for your log files. You may also create new folder if necessary.

If you would like to choose destination bucket via Browse for Folder dialog, you may click the folder icon as shown on the screenshot below:

browse for folder dialog to choose target bucket for s3 logs

Browse For Folder Dialog allows you to choose the Bucket and Folder

When all settings are configured, click OK to apply bucket logging settings:

click ok to apply bucket logging settings

Click OK to apply bucket logging settings

Please note, that log files do not appear immediately. There is some delay between the time when request was made and when it will appear in the logs.

You may also consider configuring Lifecycle Rules for your log files to automatically delete old log files after specified period of time.

To disable Amazon S3 Bucket Logging

1. Select the bucket, you want to disable logging for.

2. Click Buckets->Edit Logging Settings

Bucket Logging Settings Dialog will appear:

how to disable amazon s3 bucket logging

How to disable Amazon S3 bucket logging

3. Untick the Enable logging for bucket checkbox and click OK to save changes.

Amazon S3 Server Access Log Format

The log files consist of a sequence of new-line delimited log records.

Below is an example of typical entries from Amazon S3 Server Access Logs.

314423094967345b38a76d76d78c678b4 bucket_name [14/Nov/2010:13:53:47 +0000] Anonymous 3E43423453A12F47 REST.GET.OBJECT s3browser/2.4.5/s3browser-2-4-5.exe "GET /s3browser/2.4.5/s3browser-2-4-5.exe HTTP/1.1" 200 - 543664 543664 116 96 "" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Chrome/7.0.517.44 Safari/534.7" -
314423094967345b38a76d76d78c678b4 bucket_name [14/Nov/2010:13:53:59 +0000] Anonymous 3E43423453A12F47 REST.GET.OBJECT s3browser/2.4.7/s3browser-2-4-7.exe "GET /s3browser/2.4.7/s3browser-2-4-7.exe HTTP/1.1" 200 - 289897 289897 50 44 "" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/534.7 (KHTML, like Gecko) Chrome/7.0.517.44 Safari/534.7" -

Each log record represents one request and consists of space delimited fields described in the following table:

Field Name Example Entry Description
Bucket Owner 314423094967345b38a76d76d78c678b4 The canonical user id of the owner of the source bucket.
Bucket bucket_name The name of the bucket that the request was processed against.
Time [14/Nov/2010:13:53:47 +0000] The time at which the request was received.
Remote IP The apparent Internet address of the requester.
Requester Anonymous The canonical user id of the requester, or the string "Anonymous" for unauthenticated requests.
Request ID 3E43423453A12F47 The request ID is a string generated by Amazon S3 to uniquely identify each request.
Operation REST.GET.OBJECT Either SOAP.operation or REST.HTTP_method.resource_type.
Key s3browser/2.4.5/s3browser-2-4-5.exe The "key" part of the request, URL encoded, or "-" if the operation does not take a key parameter.
Request-URI "GET /s3browser/2.4.5/s3browser-2-4-5.exe HTTP/1.1" The Request-URI part of the HTTP request message.
HTTP Status 200 The numeric HTTP status code of the response.
Error Code - The Amazon S3 Error Code, or "-" if no error occurred.
Bytes Sent 543664 The number of response bytes sent, excluding HTTP protocol overhead, or "-" if zero.
Object Size 543664 The total size of the object in question.
Total Time 116 The number of milliseconds the request was in flight from the server's perspective.
Turn-Around Time 96 The number of milliseconds that Amazon S3 spent processing your request.
Referrer "" The value of the HTTP Referrer header, if present.
User-Agent "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" The value of the HTTP User-Agent header.
Version Id - The version ID in the request, or "-" if the operation does not take a versionId parameter.

S3 Browser 11.4.5 Freeware
Powered by Amazon Web Services and Rated by CNET Editors!
Social Connection
S3 Client Logo
People like S3 Browser!
Our customers say

"S3 Browser is an invaluable tool to me as a web developer to easily manage my automated site backups" -Bob Kraft, Web Developer

"Just want to show my appreciation for a wonderful product. I use S3 Browser a lot, it is a great tool." -Gideon Kuijten, Pro User

"Thank You Thank You Thank You for this tool. A must have for anyone using S3!" -Brian Cummiskey, USA

Related Products
Windows Client for Amazon Glacier - new low-cost storage for data archiving and backup.
protects your Windows Server from RDP Brute-force Attacks.
"Amazon Web Services", "AWS", "Amazon S3", "Amazon Simple Storage Service", "Amazon CloudFront", "CloudFront", the "Powered by Amazon Web Services" logo are trademarks of, Inc. or its affiliates in the US and/or other countries.
Copyright © 2008-2023 Netsdk Software FZE. All rights reserved.  Terms of Use.  Privacy Policy.  S3 Drive.  RDP brute-force protection.