The log analysis feature of Cloud Firewall allows you to collect, query, analyze, transform, and consume logs of Internet traffic in real time. The log analysis feature also ensures that your resources meet the requirements of classified protection compliance. This topic describes the assets, billing, and limits of the log analysis feature in Cloud Firewall.

Assets

  • Dedicated projects and dedicated Logstores
    After you enable the log analysis feature of Cloud Firewall, Log Service creates a project named cloudfirewall-project-Alibaba Cloud account ID-ap-southeast-1 and a Logstore named cloudfirewall-logstore.
    Note
  • Dedicated dashboards
    After you enable the log analysis feature, Log Service generates one dashboard by default.
    Note We recommend that you do not make changes to the dedicated dashboard because this may affect the usability of the dashboard. You can create a custom dashboard to visualize the results of log analysis. For more information, see Create a dashboard.
    Dashboard Description
    Report Shows the statistics of Cloud Firewall. The information displayed on the dashboard includes the basic indicators, inbound traffic sources, outbound traffic distribution, and system stability.

Billing

You are billed based on the duration and storage space when you enable the log analysis feature in the Cloud Firewall console. You are also billed when you transform logs, ship logs, and read data on the Internet in the Log Service console. For more information, see Log Service pricing.

Limits

  • You can write only Cloud Firewall log data to a dedicated Logstore.
  • You cannot delete dedicated Logstores. You cannot modify the data retention period of a dedicated Logstore.
  • If you have overdue payments for your Log Service resources, the log analysis feature is automatically stopped. To ensure service continuity, you must pay your overdue payment within the prescribed time limit.
  • If the storage space of a dedicated Logstore is full, no more logs can be written to the Logstore.
    Note You can view the usage of log storage space in the Cloud Firewall console. However, the usage is not updated in real time. The storage space usage displayed is delayed by two hours.

Benefits

  • Classified protection compliance: The log analysis feature can store the website access logs for more than six months. The log analysis feature ensures that websites meet the requirements of classified protection compliance.
  • Simple configuration: You can perform a few simple steps to enable the analysis feature and start to collect Internet traffic logs in real time.
  • Real-time analysis: Based on Log Service, the log analysis feature provides real-time analysis and log reports for Internet traffic and access details.
  • Real-time alerts: The log analysis feature can be used to monitor specified indicators and send alerts in real time. This helps you resolve business exceptions at the earliest opportunity.
  • High compatibility: The log analysis feature is compatible with other data solutions such as stream processing, cloud storage, and visualization. This allows you to maximize the value of your business data.