All Products
Search
Document Center

Simple Log Service:Enable the log analysis feature

Last Updated:Aug 04, 2023

This topic describes how to enable the log analysis feature in the Web Application Firewall (WAF) console. After you enable the log analysis feature, you can collect the logs of WAF to Simple Log Service.

Prerequisites

  • A subscription or pay-as-you-go WAF instance is created. The edition of the subscription WAF instance is Pro, Business, Enterprise, or Exclusive.

    Important

    WAF 2.0 in no longer available.

  • Your website is added to WAF. For more information, see Tutorial.

Procedure

Important

Before you can use a RAM user to enable the log analysis feature, you must grant the required permissions to the RAM user. For more information, see RAM user authorization.

  1. Log on to the WAF console.

  2. In the left-side navigation pane, choose Security Operations > Log Service.

  3. Authorize WAF to use the AliyunWAFAccessingLogRole role to access Simple Log Service as prompted.

    This operation is required only when you enable the log analysis feature for the first time. You must complete the authorization by using your Alibaba Cloud account.

    Warning

    To ensure that WAF logs can be collected to Simple Log Service, do not revoke permissions from the AliyunWAFAccessingLogRole role or delete the AliyunWAFAccessingLogRole role.

  4. On the Log Service page, click Enable now.

  5. On the Log Service page, select the domain name of your website that is protected by WAF, and turn on the Status switch to enable the log analysis feature.

What to do next

After the logs of WAF are collected to Simple Log Service, you can query, analyze, download, ship, and transform the collected logs. You can also configure alert rules for the logs. For more information, see Common operations on logs of Alibaba Cloud services.