Configuring export of Yandex Cloud events

The bucket must be mounted on the server on which the KUMA collector will be installed.

To mount the bucket:

1. On the server, create a directory for the 'kuma' user:

   sudo mkdir /home/kuma

2. On the server, create a file with a static access key for the sa-kuma-bucket service account and grant appropriate access permissions to the 'kuma' user:

   sudo bash -c 'echo <access_key_ID>:<secret_access_key> > /home/kuma/.passwd-s3fs'

   sudo chmod 600 /home/kuma/.passwd-s3fs

   sudo chown -R kuma:kuma /home/kuma

3. Install the s3fs package:

   sudo apt install s3fs

4. Create a directory where the bucket must be mounted and grant permissions to the kuma user:

   sudo mkdir /var/log/yandex-cloud/

   sudo chown kuma:kuma /var/log/yandex-cloud/

5. Mount the bucket:

   sudo s3fs kumabucket /var/log/yandex-cloud -o passwd_file=/home/kuma/.passwd-s3fs -o url=https://storage.yandexcloud.net -o use_path_request_style -o uid=$(id -u kuma) -o gid=$(id -g kuma)

   You can configure the bucket to be mounted at operating system startup by adding a line to /etc/fstab, for example:

   s3fs#kumabucket /var/log/yandex-cloud fuse _netdev,uid=<kuma_uid>,gid=<kuma_gid>,use_path_request_style,url=https://storage.yandexcloud.net,passwd_file=/home/kuma/.passwd-s3fs 0 0

   Where:

   <kuma_uid> is the ID of the 'kuma' operating system user.

   <kuma_gid> is the ID of the 'kuma' group of operating system users.

   To find out the kuma_uid and kuma_gid, run the following command in the console:

   id kuma

6. Verify that the bucket is mounted:

   sudo ls /var/log/yandex-cloud/

   If everything is configured correctly, the command returns <audit_trail_id>, where <audit_trail_id> is the audit trail ID.

Export of Yandex Cloud events is configured. Events will be located in directories in .json files:

/var/log/yandex-cloud/{audit_trail_id}/{year}/{month}/{day}/*.json

Page top