OSS violation detection (General-purpose Edition) delivers detection results to Log Service. Log Service provides features such as query and analysis, transformation, and alerting to help you understand content risk trends and monitor in real time. Additionally, a detection task marks scanned objects with an OSS object tag. This topic describes the logging features of OSS violation detection and how to use object tags.
Log query and analysis
Before you begin
After enabling OSS violation detection (General-purpose Edition), the system automatically creates a Project named aliyun-cip-<your Alibaba Cloud account ID>-cn-shanghai and a dedicated Logstore named cip-osscheck-log in Log Service.
All logs are delivered to the default Project (aliyun-cip-<your Alibaba Cloud account ID>-cn-shanghai) in the China (Shanghai) region.
You must ensure that your Log Service subscription is active and not overdue. Otherwise, the logging feature is suspended.
The dedicated Logstore does not support writing other data. However, there are no special restrictions on features such as querying, analysis, alerting, or consumption. You cannot modify the properties of the dedicated Logstore, such as the data retention period.
For more information about the fees generated by Log Service, see Billing for OSS violation detection (General-purpose Edition).
Features
After Log Service collects the logs of OSS violation detection results, you can query, analyze, download, deliver, transform, or create alerts based on the logs. For more information, see Common operations on cloud service logs.
The dedicated dashboard generated by the system may be upgraded and updated. We recommend that you do not modify the dedicated dashboard.
You can create a custom dashboard to visualize query results. For more information, see Create a dashboard.
Log fields
The following table describes the fields in the OSS violation detection result logs delivered to Log Service.
Field | Type | Indexed | Description |
uid | String | Yes | The Alibaba Cloud account ID. |
subUid | String | Yes | The RAM user ID. |
jobId | String | Yes | The OSS detection task ID. |
jobName | String | Yes | The OSS detection task name. |
parentJobId | String | Yes | The parent detection task ID. This field is used for scheduled tasks. |
requestId | String | Yes | The object detection request ID. |
bucket | String | Yes | The object's OSS bucket. |
object | String | Yes | The object path. |
md5 | String | Yes | The object's MD5 hash. |
regionId | String | Yes | The OSS bucket's region. |
contentType | String | Yes | The detected content type. |
serviceCode | String | Yes | The code for the service configured for object detection. |
code | Integer | Yes | The error code for the detection request. |
msg | String | Yes | The error message for the detection request. |
labels | String | Yes | Labels for image or video frame detection results. Multiple labels are comma-separated. |
labels2 | String | Yes | Labels for audio detection results, if any. Multiple labels are comma-separated. |
scanResult | String | Yes | Detailed detection results in JSON string format. |
riskLevel0 | String | Yes | The overall risk level of the object. |
riskLevel | String | Yes | The risk level of the image or video frames. |
riskLevel2 | String | Yes | The risk level of the audio or document text, if any. |
Using object tags
How it works
OSS violation detection (General-purpose Edition) marks scanned objects with the object tag Key:TagForCIP, Value:Scanned. For information about tagging fees, see Billing for OSS violation detection (General-purpose Edition).
OSS allows you to categorize objects in a bucket by using tags. You can then configure lifecycle rules, access permissions, and other settings for objects that have the same tag. For more information, see Object tagging.
Usage recommendations
By default, you should not modify or remove the object tag. The violation detection task relies on this tag to avoid re-scanning objects. However, in two specific scenarios, you can modify the tag to manage the detection task:
To re-scan previously scanned objects, you can call the DeleteObjectTagging operation to remove the object tag from them.
To prevent safe objects from being scanned and to avoid unnecessary fees, you can call the PutObjectTagging operation to manually add the object tag to those objects.