DocsICP FilingConsole
官方文档
首页

Real-time log tracing

更新时间:
复制 MD 格式
产品详情
我的收藏

Real-time log tracing is a lightweight request tracing feature that supports multi-dimensional filtering and automatic termination to quickly identify abnormal access behavior.

Overview

Use this feature for real-time diagnostics. You can configure rules to trace specific requests based on various filter conditions. Once enabled, the system generates detailed access logs for all matching requests. Key features include:

  • Real-time results: Tracing starts immediately and streams logs in real time.

  • Multi-dimensional filtering: Supports flexible combinations of conditions, such as command type, client IP, request size, or specific keys.

  • Run control: You can set a maximum duration (in seconds) or a log entry limit to automatically stop the tracing task.

  • Low overhead: The feature logs only requests that match your rules, resulting in significantly lower performance impact than the Audit Log feature.

Use cases

  • Identify sources of hot keys and large keys: Pinpoint which clients are accessing hot or large keys to optimize your caching strategies.

  • Trace abnormal commands: Quickly identify activities such as malicious scans or resource abuse.

Note

This feature is intended for temporary, real-time diagnostics. For long-term auditing, we recommend using the Audit Log feature.

Version requirements

Your instance must be a memory-optimized Tair (Enterprise Edition) instance running minor version 25.10.1.0 or later.

Procedure

  1. Log on to the console and go to the Instances page. In the top navigation bar, select the region in which the instance is deployed. Then, find the instance and click its ID.

  2. In the left-side navigation pane, click CloudDBA > Instance Session.

  3. Click the Instance Tracing tab, and then click Create Tracing Rule.

    Note

    You can have up to five tracing rules active at once.

  4. In the panel that appears, configure the tracing and filtering rules.

    In this example, to identify which clients are accessing the large key "bighash", configure the following parameters and leave the others at their default settings.

    • Rule Name: bighashKey.

    • Command Settings - Input: Enter +@hash.

      Note

      The more specific the rule, the lower the overhead. For example, +hset has lower overhead than +@hash.

    • Key Match: Select Key Pattern and enter bighash.

    (Optional) Parameters

    Rule Name is the only required parameter. All other conditions are optional and are combined using a logical AND operator.

    Category

    Parameter

    Description

    Name

    Rule Name (Required)

    The name of the tracing rule.

    Match conditions

    Command Settings - Select

    Add or exclude command groups or specific commands to be traced. Custom combinations are supported.

    Command Settings - Input

    You can also enter tracing command rules in this text box. The syntax is similar to Redis Access Control List (ACL). For example, +@write +@hash +@string -hsetnx traces write commands for Hash and String types, but excludes the HSETNX command.

    Key Match

    You can select All Keys or specify a Key Pattern. Wildcard matching is supported.

    Channel Match

    Used only for tracing channels of Pub/Sub commands. You can select All Channels or specify a Channel Pattern. Wildcard matching is supported.

    Client IP Match

    You can select All IPs or specify an IP Pattern. The IP Pattern supports CIDR notation. For example, 192.168.1.0/24 covers 192.168.1.0 to 192.168.1.255.

    Response Size Limit

    Unit: bytes. A value of 0 indicates no limit.

    Request Size Limit

    Unit: bytes. A value of 0 indicates no limit.

    End conditions

    End by Log Count

    The tracing task ends when any of the end conditions are met.

    Monitoring Duration

  5. Click Create And Run.

    The tracing task starts.

  6. Refresh the Real-time Tracing Log list to view the request logs that match the rule. After the task runs, the Real-time Tracing Log page displays the matching results. In this example, the logs correspond to the rule named bighash Key. The log table includes columns for Time, Shard, Client IP address, Type, Request, Reply, and Engine latency. You can view details of HGET requests for the bighash key and the corresponding engine latency. Click View Details to expand the full reply.

    The tracing task ends automatically when any of the configured end conditions are met. You can then modify, delete, or re-run the tracing rule.

    Warning

    • Re-running a tracing rule deletes the original logs. To save the logs, export them beforehand.

    • Deleting a rule also deletes its corresponding logs.

Troubleshooting

Use the client IP and command behavior to troubleshoot your service logic or configure access control settings.

Previous:Log managementNext:Audit logs