本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
# CloudWatch 日志条目示例
本主题介绍示例日志条目。
**Topics**
+ [传输会话日志条目示例](#session-log-examples)
+ [SFTP 连接器的日志条目示例](#example-sftp-connector-logs)
+ [VPC Lattice 连接器的日志条目示例](#example-vpc-lattice-connector-logs)
+ [密钥交换算法失败的日志条目示例](#example-kex-logs)
## 传输会话日志条目示例
在此示例中,SFTP 用户连接到 Transfer Family 服务器,上传文件,然后断开与会话的连接。
以下日志条目反映了连接到 Transfer Family 服务器的 SFTP 用户。
```
{
"role": "arn:aws:iam::500655546075:role/transfer-s3",
"activity-type": "CONNECTED",
"ciphers": "chacha20-poly1305@openssh.com,chacha20-poly1305@openssh.com",
"client": "SSH-2.0-OpenSSH_7.4",
"source-ip": "52.94.133.133",
"resource-arn": "arn:aws:transfer:us-east-1:500655546075:server/s-3fe215d89f074ed2a",
"home-dir": "/test/log-me",
"ssh-public-key": "AAAAC3NzaC1lZDI1NTE5AAAAIA9OY0qV6XYVHaaOiWAcj2spDJVbgjrqDPY4pxd6GnHl",
"ssh-public-key-fingerprint": "SHA256:BY3gNMHwTfjd4n2VuT4pTyLOk82zWZj4KEYEu7y4r/0",
"ssh-public-key-type": "ssh-ed25519",
"user": "log-me",
"kex": "ecdh-sha2-nistp256",
"session-id": "9ca9a0e1cec6ad9d"
}
```
以下日志条目反映了 SFTP 用户将文件上传到其 Amazon S3 存储桶的情况。
```
{
"mode": "CREATE|TRUNCATE|WRITE",
"path": "/test/log-me/config-file",
"activity-type": "OPEN",
"resource-arn": "arn:aws:transfer:us-east-1:500655546075:server/s-3fe215d89f074ed2a",
"session-id": "9ca9a0e1cec6ad9d"
}
```
以下日志条目反映了 SFTP 用户与 SFTP 会话断开连接的情况。首先,客户端关闭与存储桶的连接,然后断开 SFTP 会话。
```
{
"path": "/test/log-me/config-file",
"activity-type": "CLOSE",
"resource-arn": "arn:aws:transfer:us-east-1:500655546075:server/s-3fe215d89f074ed2a",
"bytes-in": "121",
"session-id": "9ca9a0e1cec6ad9d"
}
{
"activity-type": "DISCONNECTED",
"resource-arn": "arn:aws:transfer:us-east-1:500655546075:server/s-3fe215d89f074ed2a",
"session-id": "9ca9a0e1cec6ad9d"
}
```
**注意**
可用的活动类型如下:`AUTH_FAILURE`、、、、`CONNECTED`、`DISCONNECTED`、`ERROR`、`EXIT_REASON`、`CLOSE`、`CREATE_SYMLINK`、`DELETE`、`MKDIR`、、`OPEN`、`PARTIAL_CLOSE`、`RENAME`、`RMDIR`、`SETSTAT`、`TLS_RESUME_FAILURE`。
## SFTP 连接器的日志条目示例
本节包含成功和不成功传输的示例日志。日志生成到名为的日志组`/aws/transfer/connector-id`,其中*connector-id*是 SFTP 连接器的标识符。SFTP 连接器的日志条目是在运行`StartFileTransfer`或`StartDirectoryListing`命令时生成的。
此日志条目适用于成功完成的传输。
```
{
"operation": "RETRIEVE",
"timestamp": "2023-10-25T16:33:27.373720Z",
"connector-id": "connector-id",
"transfer-id": "transfer-id",
"file-transfer-id": "transfer-id/file-transfer-id",
"url": "sftp://192.0.2.0",
"file-path": "/remotebucket/remotefilepath",
"status-code": "COMPLETED",
"start-time": "2023-10-25T16:33:26.945481Z",
"end-time": "2023-10-25T16:33:27.159823Z",
"account-id": "480351544584",
"connector-arn": "arn:aws:transfer:us-east-1:account-id:connector/connector-id",
"local-directory-path": "/connectors-localbucket",
"bytes": 514,
"egress-type": "SERVICE_MANAGED"
}
```
此日志条目适用于超时但未成功完成的传输。
```
{
"operation": "RETRIEVE",
"timestamp": "2023-10-25T22:33:47.625703Z",
"connector-id": "connector-id",
"transfer-id": "transfer-id",
"file-transfer-id": "transfer-id/file-transfer-id",
"url": "sftp://192.0.2.0",
"file-path": "/remotebucket/remotefilepath",
"status-code": "FAILED",
"failure-code": "TIMEOUT_ERROR",
"failure-message": "Transfer request timeout.",
"account-id": "480351544584",
"connector-arn": "arn:aws:transfer:us-east-1:account-id:connector/connector-id",
"local-directory-path": "/connectors-localbucket",
"egress-type": "SERVICE_MANAGED"
}
```
此日志条目用于成功执行的 SEND 操作。
```
{
"operation": "SEND",
"timestamp": "2024-04-24T18:16:12.513207284Z",
"connector-id": "connector-id",
"transfer-id": "transfer-id",
"file-transfer-id": "transfer-id/file-transfer-id",
"url": "sftp://server-id.server.transfer.us-east-1.amazonaws.com",
"file-path": "/amzn-s3-demo-bucket/my-test-folder/connector-metrics-us-east-1-2024-01-02.csv",
"status-code": "COMPLETED",
"start-time": "2024-04-24T18:16:12.295235884Z",
"end-time": "2024-04-24T18:16:12.461840732Z",
"account-id": "255443218509",
"connector-arn": "arn:aws:transfer:us-east-1:account-id:connector/connector-id",
"bytes": 275,
"egress-type": "SERVICE_MANAGED"
}
```
前面日志示例中一些关键字段的描述。
+ `timestamp`表示何时将日志添加到 CloudWatch。 `start-time`并`end-time`对应于连接器实际开始和完成传输的时间。
+ `transfer-id`是为每个`start-file-transfer`请求分配的唯一标识符。如果用户在单个 `start-file-transfer` API 操作中传递多个文件路径,则所有文件共享相同的路径`transfer-id`。
+ `file-transfer-id`是为每个传输的文件生成的唯一值。请注意,的初始`file-transfer-id`部分与相同`transfer-id`。
## VPC Lattice 连接器的日志条目示例
本节包含 VPC 莱迪思连接器的示例日志。对于 VPC Lattice 连接器,日志包括其他字段,这些字段提供有关连接器配置和网络设置的信息。
此日志条目适用于成功完成的 VPC Lattice 连接器发送操作。
```
{
"operation": "SEND",
"timestamp": "2025-09-05T14:20:19.577192454Z",
"connector-id": "connector-id",
"transfer-id": "transfer-id",
"file-transfer-id": "transfer-id/file-transfer-id",
"file-path": ""/amzn-s3-demo-bucket/my-test-folder/connector-vpc-lattice-us-east-1-2025-03-22.csv"",
"status-code": "COMPLETED",
"start-time": "2025-09-05T14:20:19.434072509Z",
"end-time": "2025-09-05T14:20:19.481453346Z",
"account-id": "account-id",
"connector-arn": "arn:aws:transfer:us-east-1:account-id:connector/connector-id",
"remote-directory-path": "/test-bucket/test-folder/",
"bytes": 262,
"egress-type": "VPC_LATTICE",
"vpc-lattice-resource-configuration-arn": "arn:aws:vpc-lattice:us-east-1:account-id:resourceconfiguration/resource-configuration-arn-id,
"vpc-lattice-port-number": 22
}
```
VPC Lattice 连接器日志包括以下其他字段:
+ `egress-type`-连接器的出口配置类型
+ `vpc-lattice-resource-configuration-arn`-定义目标 SFTP 服务器位置的 VPC 莱迪思资源配置的 ARN
+ `vpc-lattice-port-number`-用于通过 VPC 莱迪思连接到 SFTP 服务器的端口号
## 密钥交换算法失败的日志条目示例
本节包含密钥交换算法 (KEX) 失败的示例日志。这些是结构化日志的 ER **RO** RS 日志流中的示例。
此日志条目是存在主机密钥类型错误的示例。
```
{
"activity-type": "KEX_FAILURE",
"source-ip": "999.999.999.999",
"resource-arn": "arn:aws:transfer:us-east-1:999999999999:server/s-999999999999999999",
"message": "no matching host key type found",
"kex": "ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519,ssh-rsa,ssh-dss"
}
```
此日志条目是 KEX 不匹配的示例。
```
{
"activity-type": "KEX_FAILURE",
"source-ip": "999.999.999.999",
"resource-arn": "arn:aws:transfer:us-east-1:999999999999:server/s-999999999999999999",
"message": "no matching key exchange method found",
"kex": "diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group14-sha256"
}
```