启用和管理 Azure 存储分析日志（经典）Enable and manage Azure Storage Analytics logs (classic)

03/22/2021

Azure 存储分析提供 Blob、队列和表的日志。Azure Storage Analytics provides logs for blobs, queues, and tables. 可以使用 Azure 门户来配置要为帐户记录的日志。You can use the Azure portal to configure logs are recorded for your account. 本文介绍了如何启用和管理日志。This article shows you how to enable and manage logs. 若要了解如何启用指标，请参阅启用和管理 Azure 存储分析指标（经典）。To learn how to enable metrics, see Enable and manage Azure Storage Analytics metrics (classic). 在 Azure 门户中检查和存储监视数据会产生相关的费用。There are costs associated with examining and storing monitoring data in the Azure portal. 有关详细信息，请参阅存储分析。For more information, see Storage Analytics.

有关使用存储分析及其他工具来识别、诊断和排查 Azure 存储相关问题的深入指导，请参阅监视、诊断和排查 Azure 存储问题。For an in-depth guide on using Storage Analytics and other tools to identify, diagnose, and troubleshoot Azure Storage-related issues, see Monitor, diagnose, and troubleshoot Azure Storage.

启用日志Enable logs

可以指示 Azure 存储保存针对 Blob、表和队列服务发出的读取、写入和删除请求的诊断日志。You can instruct Azure Storage to save diagnostics logs for read, write, and delete requests for the blob, table, and queue services. 设置的数据保留策略也适用于这些日志。The data retention policy you set also applies to these logs.

备注

Azure 文件存储目前支持存储分析指标，但尚不支持存储分析日志记录。Azure Files currently supports Storage Analytics metrics, but does not support Storage Analytics logging.

在 Azure 门户中选择“存储帐户”，然后单击存储帐户的名称打开存储帐户边栏选项卡。In the Azure portal, select Storage accounts, then the name of the storage account to open the storage account blade.
在菜单边栏选项卡的“监视(经典)”部分中选择“诊断设置(经典)”。Select Diagnostic settings (classic) in the Monitoring (classic) section of the menu blade.
确保“状态”设置为“打开”，选择要为其启用日志记录的服务。Ensure Status is set to On, and select the services for which you'd like to enable logging.
确保选中“删除数据”复选框。Ensure that the Delete data check box is selected. 然后，通过移动复选框下方的滑块控件或直接修改显示在滑块控件旁边的文本框中的值，来设置要将日志数据保留的天数。Then, set the number of days that you would like log data to be retained by moving the slider control beneath the check box, or by directly modifying the value that appears in the text box next to the slider control. 新存储帐户的默认保留期为 7 天。The default for new storage accounts is seven days. 如果不需要设置保留策略，请输入零。If you do not want to set a retention policy, enter zero. 如果没有保留策略，则由用户自行决定是否删除日志数据。If there is no retention policy, it is up to you to delete the log data.

警告

日志作为数据存储在你的帐户中。Logs are stored as data in your account. 日志数据会随着时间的推移在你的帐户中累积，这可能会增加存储成本。log data can accumulate in your account over time which can increase the cost of storage. 如果只需要一小段时间的日志数据，则可以通过修改数据保留策略来降低成本。If you need log data for only a small period of time, you can reduce your costs by modifying the data retention policy. 陈旧的日志数据（超出保留策略的数据）将被系统删除。Stale log data (data older than your retention policy) is deleted by the system. 建议根据要将帐户的日志数据保留多长时间来设置保留策略。We recommend setting a retention policy based on how long you want to retain the log data for your account. 有关详细信息，请参阅按存储指标计费。See Billing on storage metrics for more information.
单击“ 保存”。Click Save.

诊断日志保存在存储帐户下名为 $logs 的 Blob 容器中。The diagnostics logs are saved in a blob container named $logs in your storage account. 可以使用 Microsoft Azure 存储资源管理器等存储资源管理器来查看日志数据，也可以使用存储客户端库或 PowerShell 以编程方式这样做。You can view the log data using a storage explorer like the Microsoft Azure Storage Explorer, or programmatically using the storage client library or PowerShell.

有关如何访问 $logs 容器的信息，请参阅存储分析日志记录。For information about accessing the $logs container, see Storage analytics logging.

打开 Windows PowerShell 命令窗口。Open a Windows PowerShell command window.
运行 Connect-AzAccount 命令以登录 Azure 订阅，并按照屏幕上的说明操作。Sign in to your Azure subscription with the Connect-AzAccount command and follow the on-screen directions.
```
Connect-AzAccount -Environment AzureChinaCloud
```
如果你的标识关联到多个订阅，请设置你的活动订阅。If your identity is associated with more than one subscription, then set your active subscription.
```
$context = Get-AzSubscription -SubscriptionId <subscription-id>
Set-AzContext $context
```
将 <subscription-id> 占位符值替换为你的订阅 ID。Replace the <subscription-id> placeholder value with the ID of your subscription.
获取定义了要使用的存储帐户的存储帐户上下文。Get the storage account context that defines the storage account you want to use.
```
$storageAccount = Get-AzStorageAccount -ResourceGroupName "<resource-group-name>" -AccountName "<storage-account-name>"
$ctx = $storageAccount.Context
```
- 将 <resource-group-name> 占位符值替换为资源组的名称。Replace the <resource-group-name> placeholder value with the name of your resource group.
- 将 <storage-account-name> 占位符值替换为存储帐户的名称。Replace the <storage-account-name> placeholder value with the name of your storage account.
使用 Set-AzStorageServiceLoggingProperty 更改当前的日志设置。Use the Set-AzStorageServiceLoggingProperty to change the current log settings. 控制存储日志记录的 cmdlet 使用 LoggingOperations 参数，该参数是一个字符串，包含要记录的请求类型的逗号分隔列表。The cmdlets that control Storage Logging use a LoggingOperations parameter that is a string containing a comma-separated list of request types to log. 三种可能的请求类型是“读取”、“写入”和“删除” 。The three possible request types are read, write, and delete. 要关闭日志记录，请对 LoggingOperations 参数使用值“无” 。To switch off logging, use the value none for the LoggingOperations parameter.

以下命令在保留期设为 5 天的情况下，在默认存储帐户中为队列服务中的读取、写入和删除请求打开日志记录：The following command switches on logging for read, write, and delete requests in the Queue service in your default storage account with retention set to five days:
```
Set-AzStorageServiceLoggingProperty -ServiceType Queue -LoggingOperations read,write,delete -RetentionDays 5 -Context $ctx
```
警告

日志作为数据存储在你的帐户中。Logs are stored as data in your account. 日志数据会随着时间的推移在你的帐户中累积，这可能会增加存储成本。log data can accumulate in your account over time which can increase the cost of storage. 如果只需要一小段时间的日志数据，则可以通过修改数据保留策略来降低成本。If you need log data for only a small period of time, you can reduce your costs by modifying the data retention policy. 陈旧的日志数据（超出保留策略的数据）将被系统删除。Stale log data (data older than your retention policy) is deleted by the system. 建议根据要将帐户的日志数据保留多长时间来设置保留策略。We recommend setting a retention policy based on how long you want to retain the log data for your account. 有关详细信息，请参阅按存储指标计费。See Billing on storage metrics for more information.

以下命令在默认存储帐户中为表服务关闭日志记录：The following command switches off logging for the table service in your default storage account:
```
Set-AzStorageServiceLoggingProperty -ServiceType Table -LoggingOperations none -Context $ctx 
```
若要了解如何配置 Azure PowerShell cmdlet 来使用 Azure 订阅并了解如何选择要使用的默认存储帐户，请参阅：如何安装和配置 Azure PowerShell。For information about how to configure the Azure PowerShell cmdlets to work with your Azure subscription and how to select the default storage account to use, see: How to install and configure Azure PowerShell.

QueueServiceClient queueServiceClient = new QueueServiceClient(connectionString);

QueueServiceProperties serviceProperties = queueServiceClient.GetProperties().Value;

serviceProperties.Logging.Delete = true;

QueueRetentionPolicy retentionPolicy = new QueueRetentionPolicy();
retentionPolicy.Enabled = true;
retentionPolicy.Days = 2;
serviceProperties.Logging.RetentionPolicy = retentionPolicy;

serviceProperties.HourMetrics = null;
serviceProperties.MinuteMetrics = null;
serviceProperties.Cors = null;

queueServiceClient.SetProperties(serviceProperties);

var storageAccount = CloudStorageAccount.Parse(connStr);  
var queueClient = storageAccount.CreateCloudQueueClient();  
var serviceProperties = queueClient.GetServiceProperties();  

serviceProperties.Logging.LoggingOperations = LoggingOperations.All;  
serviceProperties.Logging.RetentionDays = 2;  

queueClient.SetServiceProperties(serviceProperties);

修改日志数据保留期Modify log data retention period

日志数据会随着时间的推移在你的帐户中累积，这可能会增加存储成本。Log data can accumulate in your account over time which can increase the cost of storage. 如果只需要一小段时间的日志数据，则可以通过修改日志数据保留期来降低成本。If you need log data for only a small period of time, you can reduce your costs by modifying the log data retention period. 例如，如果只需要三天的日志，请将日志数据保留期设置为值 3。For example, if you need logs for only three days, set your log data retention period to a value of 3. 这样一来，日志将在 3 天后自动从你的帐户中删除。That way logs will be automatically deleted from your account after 3 days. 本部分介绍了如何查看当前的日志数据保留期，以及需要时如何更新该时间段。This section shows you how to view your current log data retention period, and then update that period if that's what you want to do.

备注

这些步骤仅适用于未在其上启用“分层命名空间”设置的帐户。These steps apply only for accounts that do not have the Hierarchical namespace setting enabled on them. 如果已在你的帐户上启用该设置，则尚不支持“保留天数”设置。If you've enabled that setting on your account, then the setting for retention days is not yet supported. 相反，你必须使用任何受支持的工具（例如 Azure 存储资源管理器、REST 或 SDK）手动删除日志。Instead, you'll have to delete logs manually by using any supported tool such as Azure Storage Explorer, REST or an SDK. 若要在存储帐户中查找这些日志，请参阅日志的存储方式。To find those logs in your storage account, see How logs are stored.

在 Azure 门户中选择“存储帐户”，然后单击存储帐户的名称打开存储帐户边栏选项卡。In the Azure portal, select Storage accounts, then the name of the storage account to open the storage account blade.
在菜单边栏选项卡的“监视(经典)”部分中选择“诊断设置(经典)”。Select Diagnostic settings (classic) in the Monitoring (classic) section of the menu blade.
确保选中“删除数据”复选框。Ensure that the Delete data check box is selected. 然后，通过移动复选框下方的滑块控件或直接修改显示在滑块控件旁边的文本框中的值，来设置要将日志数据保留的天数。Then, set the number of days that you would like log data to be retained by moving the slider control beneath the check box, or by directly modifying the value that appears in the text box next to the slider control.

新存储帐户的默认保留天数为 7 天。The default number of days for new storage accounts is seven days. 如果不需要设置保留策略，请输入零。If you do not want to set a retention policy, enter zero. 如果没有保留策略，则由用户自行决定是否删除监视数据。If there is no retention policy, it is up to you to delete the monitoring data.
单击“ 保存”。Click Save.

诊断日志保存在存储帐户下名为 $logs 的 Blob 容器中。The diagnostics logs are saved in a blob container named $logs in your storage account. 可以使用 Microsoft Azure 存储资源管理器等存储资源管理器来查看日志数据，也可以使用存储客户端库或 PowerShell 以编程方式这样做。You can view the log data using a storage explorer like the Microsoft Azure Storage Explorer, or programmatically using the storage client library or PowerShell.

有关如何访问 $logs 容器的信息，请参阅存储分析日志记录。For information about accessing the $logs container, see Storage analytics logging.

打开 Windows PowerShell 命令窗口。Open a Windows PowerShell command window.
运行 Connect-AzAccount 命令以登录 Azure 订阅，并按照屏幕上的说明操作。Sign in to your Azure subscription with the Connect-AzAccount command and follow the on-screen directions.
```
Connect-AzAccount -Environment AzureChinaCloud
```
如果你的标识关联到多个订阅，请设置你的活动订阅。If your identity is associated with more than one subscription, then set your active subscription.
```
$context = Get-AzSubscription -SubscriptionId <subscription-id>
Set-AzContext $context
```
将 <subscription-id> 占位符值替换为你的订阅 ID。Replace the <subscription-id> placeholder value with the ID of your subscription.
获取定义了存储帐户的存储帐户上下文。Get the storage account context that defines the storage account.
```
$storageAccount = Get-AzStorageAccount -ResourceGroupName "<resource-group-name>" -AccountName "<storage-account-name>"
$ctx = $storageAccount.Context
```
- 将 <resource-group-name> 占位符值替换为资源组的名称。Replace the <resource-group-name> placeholder value with the name of your resource group.
- 将 <storage-account-name> 占位符值替换为存储帐户的名称。Replace the <storage-account-name> placeholder value with the name of your storage account.
使用 Get-AzStorageServiceLoggingProperty 查看当前的日志保留策略。Use the Get-AzStorageServiceLoggingProperty to view the current log retention policy. 下面的示例将 blob 和队列存储服务的保留期输出到控制台。The following example prints to the console the retention period for blob and queue storage services.
```
Get-AzStorageServiceLoggingProperty -ServiceType Blob, Queue -Context $ctx
```
在控制台输出中，保留期显示在 RetentionDays 列标题的下方。In the console output, the retention period appears beneath the RetentionDays column heading.
使用 Set-AzStorageServiceLoggingProperty 更改保留期。Use the Set-AzStorageServiceLoggingProperty to change the retention period. 以下示例将保留期更改为 4 天。The following example changes the retention period to 4 days.
```
Set-AzStorageServiceLoggingProperty -ServiceType Blob, Queue -RetentionDays 4 -Context $ctx
```
若要了解如何配置 Azure PowerShell cmdlet 来使用 Azure 订阅并了解如何选择要使用的默认存储帐户，请参阅：如何安装和配置 Azure PowerShell。For information about how to configure the Azure PowerShell cmdlets to work with your Azure subscription and how to select the default storage account to use, see: How to install and configure Azure PowerShell.

下面的示例将 blob 和队列存储服务的保留期输出到控制台。The following example prints to the console the retention period for blob and queue storage services.

BlobServiceClient blobServiceClient = new BlobServiceClient(connectionString);
QueueServiceClient queueServiceClient = new QueueServiceClient(connectionString);

BlobServiceProperties blobServiceProperties = blobServiceClient.GetProperties().Value;
QueueServiceProperties queueServiceProperties = queueServiceClient.GetProperties().Value;

Console.WriteLine("Retention period for logs from the blob service is: " +
    blobServiceProperties.Logging.RetentionPolicy.Days.ToString());

Console.WriteLine("Retention period for logs from the queue service is: " +
    queueServiceProperties.Logging.RetentionPolicy.Days.ToString());

以下示例将保留期更改为 4 天。The following example changes the retention period to 4 days.

BlobRetentionPolicy blobRetentionPolicy = new BlobRetentionPolicy();

blobRetentionPolicy.Enabled = true;
blobRetentionPolicy.Days = 4;

QueueRetentionPolicy queueRetentionPolicy = new QueueRetentionPolicy();

queueRetentionPolicy.Enabled = true;
queueRetentionPolicy.Days = 4;

blobServiceProperties.Logging.RetentionPolicy = blobRetentionPolicy;
blobServiceProperties.Cors = null;

queueServiceProperties.Logging.RetentionPolicy = queueRetentionPolicy;
queueServiceProperties.Cors = null;

blobServiceClient.SetProperties(blobServiceProperties);
queueServiceClient.SetProperties(queueServiceProperties);

Console.WriteLine("Retention policy for blobs and queues is updated");

下面的示例将 blob 和队列存储服务的保留期输出到控制台。The following example prints to the console the retention period for blob and queue storage services.

var storageAccount = CloudStorageAccount.Parse(connectionString);

var blobClient = storageAccount.CreateCloudBlobClient();
var queueClient = storageAccount.CreateCloudQueueClient();

var blobserviceProperties = blobClient.GetServiceProperties();
var queueserviceProperties = queueClient.GetServiceProperties();

Console.WriteLine("Retention period for logs from the blob service is: " +
   blobserviceProperties.Logging.RetentionDays.ToString());

Console.WriteLine("Retention period for logs from the queue service is: " +
   queueserviceProperties.Logging.RetentionDays.ToString());

下面的示例将 blob 和队列存储服务的日志保留期更改为 4 天。The following example changes the retention period for logs for the blob and queue storage services to 4 days.


blobserviceProperties.Logging.RetentionDays = 4;
queueserviceProperties.Logging.RetentionDays = 4;

blobClient.SetServiceProperties(blobserviceProperties);
queueClient.SetServiceProperties(queueserviceProperties);

验证是否正在删除日志数据Verify that log data is being deleted

可以通过查看存储帐户的 $logs 容器的内容来验证是否正在删除日志。You can verify that logs are being deleted by viewing the contents of the $logs container of your storage account. 下图显示了 $logs 容器中某个文件夹的内容。The following image shows the contents of a folder in the $logs container. 该文件夹对应于 2021 年 1 月，并且每个文件夹包含一天的日志。The folder corresponds to January 2021 and each folder contains logs for one day. 如果今天的日期为 2021 年 1 月 29 日，并且你的保留策略设置为仅一天，则该文件夹应当仅包含一天的日志。If the day today was January 29th 2021, and your retention policy is set to only one day, then this folder should contain logs for only one day.

Azure 门户中的日志文件夹列表 List of log folders in the Azure Portal

查看日志数据View log data

要查看和分析日志数据，应该将包含你感兴趣的日志数据的 blob 下载到本地计算机。To view and analyze your log data, you should download the blobs that contain the log data you are interested in to a local machine. 你可以使用很多存储浏览工具从存储帐户下载 blob；你还可以使用 Azure 存储团队提供的命令行 Azure 复制工具 (AzCopy) 下载日志数据。Many storage-browsing tools enable you to download blobs from your storage account; you can also use the Azure Storage team provided command-line Azure Copy Tool AzCopy to download your log data.

备注

$logs 容器未与事件网格集成，因此在写入日志文件时不会收到通知。The $logs container isn't integrated with Event Grid, so you won't receive notifications when log files are written.

要确保下载你感兴趣的日志数据，并避免多次下载相同的日志数据，请执行以下操作：To make sure you download the log data you are interested in and to avoid downloading the same log data more than once:

对包含日志数据的 blob 使用日期和时间命名约定，以跟踪已下载用于分析的 blob，从而避免多次重新下载相同的数据。Use the date and time naming convention for blobs containing log data to track which blobs you have already downloaded for analysis to avoid re-downloading the same data more than once.
使用包含日志数据的 blob 中的元数据来确定特定期限，在该期限内，blob 会保留日志数据以标识需要下载的确切 blob。Use the metadata on the blobs containing log data to identify the specific period for which the blob holds log data to identify the exact blob you need to download.

要开始使用 AzCopy，请参阅 AzCopy 入门To get started with AzCopy, see Get started with AzCopy

下面的示例显示如何下载队列服务的日志数据，时间从 2014 年 5 月 20 日上午 9 点、10 点和 11 点开始。The following example shows how you can download the log data for the queue service for the hours starting at 09 AM, 10 AM, and 11 AM on 20th May, 2014.

azcopy copy 'https://mystorageaccount.blob.core.chinacloudapi.cn/$logs/queue' 'C:\Logs\Storage' --include-path '2014/05/20/09;2014/05/20/10;2014/05/20/11' --recursive

若要详细了解如何下载特定文件，请参阅使用 AzCopy v10 从 Azure Blob 存储下载 blob。To learn more about how to download specific files, see Download blobs from Azure Blob storage by using AzCopy v10.

下载日志数据后，可以查看文件中的日志条目。When you have downloaded your log data, you can view the log entries in the files. 这些日志文件使用带分隔符的文本格式，许多日志读取工具都可以分析此格式（有关详细信息，请参阅对 Azure 存储进行监视、诊断和故障排除指南）。These log files use a delimited text format that many log reading tools are able to parse (for more information, see the guide Monitoring, Diagnosing, and Troubleshooting Azure Storage). 不同的工具提供不同的功能用于筛选、排序和搜索日志文件的内容及设置其格式。Different tools have different facilities for formatting, filtering, sorting, ad searching the contents of your log files. 有关存储日志记录日志文件格式和内容的详细信息，请参阅存储分析日志格式和存储分析记录的操作和状态消息。For more information about the Storage Logging log file format and content, see Storage Analytics Log Format and Storage Analytics Logged Operations and Status Messages.

后续步骤Next steps

若要详细了解存储分析，请参阅存储分析。To learn more about Storage Analytics, see Storage Analytics for Storage Analytics.
有关使用 .NET 语言配置存储日志记录的详细信息，请参阅存储客户端库参考。For more information about using a .NET language to configure Storage Logging, see Storage Client Library Reference.
有关使用 REST API 配置存储日志记录的一般信息，请参阅启用和配置存储分析。For general information about configuring Storage Logging using the REST API, see Enabling and Configuring Storage Analytics.
详细了解存储分析日志的格式。Learn more about the format of Storage Analytics logs. 请参阅存储分析日志格式。See Storage Analytics Log Format.