All Products
Search
Document Center

Cloud Firewall:Export logs

Last Updated:Feb 04, 2024

You can download log query and analysis results to your computer or ship logs to Object Storage Service (OSS) buckets for storage. This helps facilitate detailed data review and long-term archiving of log data.

Prerequisites

The log analysis feature of Cloud Firewall is enabled. For more information, see Overview.

Download logs to your computer

You can download logs to your computer in the Cloud Firewall console or by using a CLI or Cloud Shell. The limits on data amounts and dependency deployment vary based on the download method. For more information, see Download logs.

Download in the Cloud Firewall console (recommended)

Important
  • The number of log lines and the amount of log data that you can download at a time cannot exceed the upper limit. If the number of log lines and the amount of log data that you want to download exceeds the upper limit, the excess logs cannot be downloaded. To download the full logs in this scenario, you can shorten your query time range and repeat the download operations until the full logs are downloaded.

    You can view the download tasks in the Log Export History dialog box.

  • Log Service allows for up to three concurrent download operations within each Alibaba Cloud account. Log Service does not limit the total number of download operations. If more than three download operations are concurrently performed or multiple Resource Access Management (RAM) users are used to download logs at the same time, an error may be reported. In this case, you must wait until other download operations are complete and try again.
  • Log Service stores only the export records that are generated within the previous 24 hours and deletes the export records 24 hours after the records are generated.
  • If a download task fails because network errors occur or query results are inaccurate, Log Service automatically retries the task. If the download task fails after three retries, the download task enters the Failed state.
  1. Log on to the Cloud Firewall console.

  2. In the left-side navigation pane, choose Log Analysis > Log Analysis. On the Log Analysis page, click the Logs tab.

  3. If you want to download log query and analysis results, configure search conditions and perform the required operations. For more information, see Query and analyze logs.

  4. On the Raw Logs tab, move the pointer over the image icon and click Download Log.

    Note

    If no logs are collected, the Download Log button is dimmed.

  5. In the Log Download dialog box, configure the following parameters and click OK.

    image

    ParameterDescription
    Task NameThe name of the download task.
    Log QuantityThe number of logs that you want to download.
    Data FormatThe data format of the file to which you want to download logs. The CSV and JSON formats are supported.
    • If you select CSV, the column names in the file are generated based on the fields of the first 100 logs. If the subsequent logs contain new fields, the new fields are stored in the last column of the file in the JSON format. The name of the last column is empty.
    • If you select JSON, each log is converted to the JSON format and written to the file as a single line.
    QuoteThe quote that is used to enclose special characters in logs. The enclosed special characters are not escaped.
    Download Inaccurate ResultsSpecifies whether to download inaccurate results. If you select No, the download task fails when the query results are inaccurate.
    Compression MethodThe method that is used to compress logs. Valid values: gzip, lz4, zstd, and Uncompressed.

    If you want to download a large number of logs, we recommend that you select a compression method. This way, the log amount can be significantly reduced, and the logs can be quickly downloaded.

    Sorting RuleThe rule that is used to sort logs.
  6. In the Log Export History dialog box, wait until the status of the task changes to Successful and click Download to download the logs to your computer.

    You can also move the pointer over the image icon on the Raw Logs tab and click History to view the log download records.

Download logs by using Cloud Shell

Important The Cloud Shell server resides in the China (Shanghai) region. If you download logs from a Logstore that does not reside in the China (Shanghai) region, you are charged for read traffic over the Internet when you download logs. For more information, see Log Service Pricing.
  1. Log on to the Cloud Firewall console.

  2. In the left-side navigation pane, choose Log Analysis > Log Analysis. On the Log Analysis page, click the Logs tab.

  3. If you want to download log query and analysis results, configure search conditions and perform the required operations. For more information, see Query and analyze logs.

  4. On the Raw Logs tab, move the pointer over the image icon and click Download Log.

    Note

    If no logs are collected, the Download Log button is dimmed.

  5. In the Log Download dialog box, click Download with Cloud Shell. Then, click OK to go to the Cloud Shell page.

    On the Cloud Shell page, logs are automatically downloaded. After the logs are downloaded, the Download File message appears.

  6. In the Download File dialog box, click OK.

    A TXT-formatted file is downloaded to your computer.

Download logs by using a CLI

If you want to download a large number of logs, you can use a CLI.

  1. Install Log Service CLI. For more information, see Install Simple Log Service CLI.
  2. Obtain the AccessKey pair of the current account. For more information, see AccessKey pair.
  3. Obtain the command that is used to download logs.

    1. Log on to the Cloud Firewall console.

    2. In the left-side navigation pane, choose Log Analysis > Log Analysis. On the Log Analysis page, click the Logs tab.

    3. If you want to download log query and analysis results, configure search conditions and perform the required operations. For more information, see Query and analyze logs.

    4. In the Log Download dialog box, click Download with CLI.

    5. Click Copy Command.

      image

    6. Replace the value of access-id and access-key in the download command with the AccessKey pair that you obtained.

    7. Run the command in the command line tool.

For more information, see Overview of Simple Log Service CLI.

Ship logs to OSS

If you want to store a large number of logs for a long period of time, you can ship the logs to OSS buckets on a regular basis for storage and analysis. For more information, see Create an OSS data shipping job (new version).

References

For more information about log fields, see Log fields.