All Products
Search
Document Center

Cloud Firewall:Enable the log analysis feature

Last Updated:Jun 27, 2024

The log analysis feature collects Internet traffic logs in real time. The feature also retrieves and analyzes the collected logs in real time, and displays the results in various dashboards. This topic describes how to enable the log analysis feature.

Background information

If you cannot determine the traffic situation, you can set the action of the access control policy to Monitor. In this case, the traffic between source addresses and destination addresses is allowed. You can use the log analysis feature to analyze traffic behavior and then change the action of the access control policy to Allow or Deny based on the analysis results.

Limits

The log analysis feature is provided only in the following editions of Cloud Firewall: Premium Edition, Enterprise Edition, Ultimate Edition, and Cloud Firewall that uses the pay-as-you-go billing method.

Usage notes

If you use Cloud Firewall that uses the pay-as-you-go billing method, the project and Logstore that are dedicated to Cloud Firewall are not automatically deleted. You can manually delete the dedicated project and Logstore in the Simple Log Service console.

Enable the log analysis feature

Method 1:

  1. Visit the Cloud Firewall buy page.

  2. Set the Log Analysis parameter to Yes, configure the Log Storage parameter, click Buy Now, and then complete the payment.

    For more information, see Subscription.

    image

  3. Log on to the Cloud Firewall console.

  4. In the left-side navigation pane, choose Log Monitoring > Log Analysis.

  5. Click Enable Now to enable the log analysis feature.

Method 2:

  1. Log on to the Cloud Firewall console.

  2. In the left-side navigation pane, choose Log Monitoring > Log Analysis.

  3. On the Log Analysis page, click Upgrade Now or Enable Now.

  4. Enable the log analysis feature as prompted.

  5. On the Log Analysis page of the Cloud Firewall console, click Log Delivery in the upper-right corner, and turn on the switches for the traffic logs that you want to collect.

    You can turn on the switches of the following types: internet_log, vpc_firewall_log, dns_firewall_log, ipv6_firewall_log, and nat_firewall_log.

    The log analysis feature collects all traffic logs of Cloud Firewall in real time.