Delving into the AWS world, I have created two buckets in my AWS. The first one called BucketA (holding the files) and the second one called BucketB (holding the log files). BucketA will be hosting images which will be accessible from the outside world as these are not sensitive. Let's assume the images are called image1.png, image2.png, image3.png and the pattern continues.
Both my buckets are in the same region.
The web addresses for each file is as follows: (these are sample links and are not real and at the moment apparently someone owns them and they are in an access denied mode)
- https://s3.amazonaws.com/logging-bucket-444324324/image1.png
- https://s3.amazonaws.com/logging-bucket-444324324/image1.png
- https://s3.amazonaws.com/logging-bucket-444324324/image1.png
My goal is to accomplish the following: To know which IP address, at what time opened and viewed a certain image.
I have set the Log Delivery for S3 log delivery group in BucketB to read and write, and for BucketA I have enabled the Server access logging and set the Target Bucket to be BucketB.
Now, for testing purposes, I am trying to enter the links above, but I am not getting any logs written in the BucketB.
- Can I accomplish what I am trying to accomplish by this method? (I Know I might use AWS CloudTrail with Data Events but I want to use good-old Server Logging)
- Does this type of loggin work on basic link visit? Or it has to be done programmatically with a specific HTTP GET request so that a log appears?
- Do I need to add any type of Bucket Policy or ACL than the ones automatically generated by allowing log access using the normal web console?
- Does a request gets logged even if the access is denied to that object ?
There is a similar question here: S3 logs do not appear in targeted bucket which was solved by deleting all the buckets and creating new ones, which isn't really providing a solution to the problem and is the aws version of an IT saying Please restart the computer and it should work.
