**引入全新的主机体验 Amazon WAF**
现在,您可以使用更新的体验访问控制台中任意位置的 Amazon WAF 功能。有关更多详细信息,请参阅[使用控制台](https://docs.amazonaws.cn/waf/latest/developerguide/working-with-console.html)。
本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
# Amazon Firewall Manager 信息在 CloudTrail
Amazon Firewall Manager 支持将以下操作作为事件记录在 CloudTrail 日志文件中:
+ [AssociateAdminAccount](https://docs.amazonaws.cn/fms/2018-01-01/APIReference/API_AssociateAdminAccount.html)
+ [DeleteNotificationChannel](https://docs.amazonaws.cn/fms/2018-01-01/APIReference/API_DeleteNotificationChannel.html)
+ [DeletePolicy](https://docs.amazonaws.cn/fms/2018-01-01/APIReference/API_DeletePolicy.html)
+ [DisassociateAdminAccount](https://docs.amazonaws.cn/fms/2018-01-01/APIReference/API_DisassociateAdminAccount.html)
+ [PutNotificationChannel](https://docs.amazonaws.cn/fms/2018-01-01/APIReference/API_PutNotificationChannel.html)
+ [PutPolicy](https://docs.amazonaws.cn/fms/2018-01-01/APIReference/API_PutPolicy.html)
+ [GetAdminAccount](https://docs.amazonaws.cn/fms/2018-01-01/APIReference/API_GetAdminAccount.html)
+ [GetComplianceDetail](https://docs.amazonaws.cn/fms/2018-01-01/APIReference/API_GetComplianceDetail.html)
+ [GetNotificationChannel](https://docs.amazonaws.cn/fms/2018-01-01/APIReference/API_GetNotificationChannel.html)
+ [GetPolicy](https://docs.amazonaws.cn/fms/2018-01-01/APIReference/API_GetPolicy.html)
+ [ListComplianceStatus](https://docs.amazonaws.cn/fms/2018-01-01/APIReference/API_ListComplianceStatus.html)
+ [ListPolicies](https://docs.amazonaws.cn/fms/2018-01-01/APIReference/API_ListPolicies.html)
每个事件或日志条目都包含有关生成请求的人员信息。身份信息有助于您确定以下内容:
+ 请求是否使用根用户凭证发出。
+ 请求是使用角色还是联合用户的临时安全凭证发出的。
+ 请求是否由其他 Amazon 服务发出。
有关更多信息,请参阅 [CloudTrail userIdentity 元素](https://docs.amazonaws.cn/awscloudtrail/latest/userguide/cloudtrail-event-reference-user-identity.html)。
## 示例:Firewall Manager 日志文件条目
跟踪是一种配置,允许将事件作为日志文件传输到您指定的 Amazon S3 存储桶。 CloudTrail 日志文件包含一个或多个日志条目。事件代表来自任何来源的单个请求,包括有关请求的操作、操作的日期和时间、请求参数等的信息。 CloudTrail 日志文件不是公共 API 调用的有序堆栈跟踪,因此它们不会按任何特定顺序出现。
以下示例显示了演示 `GetAdminAccount`--> 操作的 CloudTrail 日志条目。
```
{
"eventVersion": "1.05",
"userIdentity": {
"type": "AssumedRole",
"principalId": "1234567890987654321231",
"arn": "arn:aws:sts::123456789012:assumed-role/Admin/SampleUser",
"accountId": "123456789012",
"accessKeyId": "1AFGDT647FHU83JHFI81H",
"sessionContext": {
"attributes": {
"mfaAuthenticated": "false",
"creationDate": "2018-04-14T02:51:50Z"
},
"sessionIssuer": {
"type": "Role",
"principalId": "1234567890987654321231",
"arn": "arn:aws:iam::123456789012:role/Admin",
"accountId": "123456789012",
"userName": "Admin"
}
}
},
"eventTime": "2018-04-14T03:12:35Z",
"eventSource": "fms.amazonaws.com",
"eventName": "GetAdminAccount",
"awsRegion": "us-east-1",
"sourceIPAddress": "72.21.198.65",
"userAgent": "console.amazonaws.com",
"requestParameters": null,
"responseElements": null,
"requestID": "ae244f41-3f91-11e8-787b-dfaafef95fc1",
"eventID": "5769af1e-14b1-4bd1-ba75-f023981d0a4a",
"eventType": "AwsApiCall",
"apiVersion": "2018-01-01",
"recipientAccountId": "123456789012"
}
```