> For the complete documentation index, see [llms.txt](https://documentation.alluxio.io/ee-ai-en/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://documentation.alluxio.io/ee-ai-en/administration/audit-access-logs/access-log.md). # Access Log ## 1. Overview To better support enterprise-level data governance and data access monitoring requirements while significantly reducing log storage and processing pressure in high-concurrency scenarios, the system introduces an Aggregated Access Log mechanism. **It is particularly emphasized that the Access Log takes effect on the Worker process.** Its core role is to record key operational trajectories of files cached in the Worker throughout their lifecycle. ## 2. Key Operations Recorded The Access Log focuses on capturing the following five key operations during a file's cache lifecycle: * **LOAD**: File data blocks are loaded into the Alluxio cache for the first time. * **HOT\_READ**: Data is read from the Alluxio cache (cache hit), verifying the cache acceleration effect and identifying the data as "hot." * **COLD\_READ**: Data is read from the underlying UFS (cache miss), used to analyze the cold-to-hot transition process of data. * **EVICT**: Data is evicted from the Alluxio cache due to strategies such as insufficient cache space. * **DELETE**: Cache deletion or release events actively initiated by users. ## 3. Deduplication Mechanism and False Positives To keep the log content concise, the system does not output every single operation in a streaming fashion. Instead, it **uses a Bloom Filter for log deduplication**. This means the Access Log will not record duplicate operation entries, significantly reducing log noise, performance overhead, and storage costs. It should be noted that due to the inherent characteristics of the Bloom Filter algorithm, **the system may experience "False Positive" phenomena, resulting in a very small number of entries that should have been recorded being treated as duplicates and thus omitted**. ## 4. Peak Throughput and Configuration Standards To maintain efficient recording even under extremely high concurrency, the system's current configuration standard is: under peak throughput, it can **process and generate 432 million operation entries within 3 hours**, while strictly controlling the false positive rate at **0.0001**. This ensures that in massive data access scenarios, the log volume is effectively compressed while maintaining high reliability for core access monitoring data. ## 5. Usage The access log is enabled and tuned through the same REST API and User CLI used by the audit log. See [Dynamic Configuration via REST API and CLI](/ee-ai-en/administration/audit-access-logs/audit-log.md#dynamic-configuration-via-rest-api-and-cli). --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://documentation.alluxio.io/ee-ai-en/administration/audit-access-logs/access-log.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.