0

我是 AWS 开发工具包 API 的新手。

我有一个 s3 存储桶(my-bucket)用于我的客户从那里下载文件。每当我的客户端从“my-bucket”下载文件时,我有一个 Trail(my-trail)用于将日志传送到另一个 s3 存储桶(my-bucket-logs)。

我想从“my-bucket-logs”中读取日志并将它们保存在我的 CMS 中以生成各种报告。是否可以获取日志?我试过下面的PHP代码。我不确定这段代码是否正确。

require 'vendor/autoload.php';
$config = [
    'version' => 'latest',
    'region'  => 'us-east-1',
    'key' => MY_AWS_KEY,
    'secret'  => MY_AWS_SECRETE
];
$s3client = new Aws\S3\S3Client($config);
$trailClient = new Aws\CloudTrail\CloudTrailClient($config);


$result = $trailClient->lookupEvents([
    'EndTime' => time(),
    'LookupAttributes' => [
        [
            'AttributeKey' => 'eventName',// 'get', // REQUIRED
            'AttributeValue' => 'ListObjects' //get', // REQUIRED
        ],
        // ...
    ],
    'MaxResults' => 1000
    //'NextToken' => '<string>',
    //'StartTime' => '01/12/2017',
]);

print_r($result);

收到此错误:

PHP Fatal error:  Uncaught exception 'Aws\CloudTrail\Exception\CloudTrailException' with message 'Error executing "LookupEvents" on "https://cloudtrail.us-east-1.amazonaws.com"; AWS HTTP error: Client error: `POST https://cloudtrail.us-east-1.amazonaws.com` resulted in a `400 Bad Request` response:
{"__type":"InvalidLookupAttributesException","Message":"You cannot perform a lookup on this attribute key: EventId|Event (truncated...)
 InvalidLookupAttributesException (client): You cannot perform a lookup on this attribute key: EventId|EventName|Username|ResourceType|ResourceName|EventSource - {"__type":"InvalidLookupAttributesException","Message":"You cannot perform a lookup on this attribute key: EventId|EventName|Username|ResourceType|ResourceName|EventSource"}'

exception 'GuzzleHttp\Exception\ClientException' with message 'Client error: `POST https://cloudtrail.us-east-1.amazonaws.com` resulted in a `400 Bad Request` response:
{"__type":"InvalidLookupAttributesException","Message":"You cannot perform a lookup on this attribu in /home/shahid/webroot/shahid/aws/sdk/vendor/aws/aws-sdk-php/src/WrappedHttpHandler.php on line 191

是否可以在 PHP 中使用 AWS 开发工具包 API 获取日志?

4

1 回答 1

0

我可以从 s3 存储桶中读取日志。这只是从 s3 存储桶本身下载文件的问题,我使用 Aws\CloudTrail\CloudTrailClient 搞砸了。

<?php
    /**
     * Copyright 2010-2017 Amazon.com, Inc. or its affiliates. All Rights Reserved.
     *
     * This file is licensed under the Apache License, Version 2.0 (the "License").
     * You may not use this file except in compliance with the License. A copy of
     * the License is located at
     *
     * http://aws.amazon.com/apache2.0/
     *
     * This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
     * CONDITIONS OF ANY KIND, either express or implied. See the License for the
     * specific language governing permissions and limitations under the License.
     */

    require 'vendor/autoload.php';

    use Aws\S3\S3Client;
    use Aws\Exception\AwsException;

    /**
     * Get/Download an Object from Amazon S3.
     *
     * This code expects that you have AWS credentials set up per:
     * http://docs.aws.amazon.com/aws-sdk-php/v3/guide/guide/credentials.html
     */
    $bucket = "my-bucket-logs";
    $key = "xxxxxxxxxx";
    $filePath = "my-log-files.json";

    try {
        $result = $s3Client->getObject(array(
                'Bucket' => $bucket
                ,'Key'    => $key
                ,'SaveAs' => $filePath
            ));


        } catch (S3Exception $e) {
        echo $e->getMessage() . "\n";
    }
于 2018-02-21T12:31:33.903 回答