Log reports

Procedure

1. Log on to the Cloud Firewall console.
2. In the left-side navigation pane, choose Logs > Log Analysis.
3. In the upper-right corner of the Reports tab, click Please Select.
   
4. On the Time page, specify a time range for displaying reports of Internet traffic logs. You can specify a time range in the Relative, Time Frame, or Custom section.

   Section	Description
   Relative	Displays log data collected within a specified time range going back from the current time. This time range is accurate to seconds. Assume that the current time is 2019-10-17 23:08:00. The value 2019-10-17 23:07:00~2019-10-17 23:08:00 indicates that log data collected in the last minute is displayed. You can specify a time range in days, hours, minutes, or seconds.
   Time Frame	Displays log data collected within a specified time range. For example, the value 2019-10-10 00:00:00~2019-10-17 00:00:00 indicates that log data was collected for the week starting from 2019-10-10 00:00:00. You can specify a time range in days, hours, or minutes.
   Custom	Displays log data collected within a custom time range. The start and end time is accurate to minutes.

   After you specify a time range, all dashboards on the Reports tab are refreshed to display data within this time range.

   For more information about the dashboards, see Log report dashboards.

   Note The specified time range is only valid on the current page. The next time you open the Reports tab, the time range of the dashboards is restored to the default.
5. Optional: On the Reports tab, perform operations on a dashboard.
   In the upper-right corner of the target dashboard, click the icon to show the menu.

   The menu of a dashboard supports the following operations:

   • Select Time Range: The dashboard displays basic metrics within the specified time range. You can specify a relative time range, time frame, or custom time range. For more operations, see the descriptions in step 4.
   • Download Log: Select this option to save the logs as an Excel file to your computer.
   • Download Chart: Select this option to save the dashboard as a PNG file to your computer.
   • Preview Query Statement: Click the icon to view the query statement of the log metrics in the dashboard. You can use the statement to query the log data on the Logs tab. For more information about log queries, see Log search and analysis.
6. Optional: Subscribe to log reports. You can specify the frequency at which the system sends log data notifications by email or DingTalk chatbot.

   In the upper-right corner of the Reports tab, click Subscribe. On the Create Subscription page that appears, subscribe to Internet traffic log reports.

   1. In Subscription Configuration, configure the following parameters.

      Parameter	Description
      Subscription Name	The name of the log report subscription. A default name is provided, but you can change it as needed.
      Frequency	The frequency at which log report notifications are sent. Valid values: Hourly: A notification is sent every hour. Daily: A notification is sent each day at a specified hour between 00:00 and 23:00. Weekly: A notification is sent each week on a specified day at a specific hour between 00:00 and 23:00. Fixed Interval: A notification is sent at a specified interval. You can select Days or Hours. Cron: Use a cron expression to customize the frequency. The time specified in a cron expression is accurate to minutes and is in the 24-hour notation. You can refer to the examples in the console to write a cron expression.
      Add Watermark	The address that sends the notification is attached to the image as a watermark. It can be an email address or a webhook URL of the DingTalk chatbot.

   2. Click Next to set a notification type.

      Notification type	Parameter	Description
      Email	Recipients	The email address of the recipient. You can add more than one recipient.
      	Subject	The subject of the email. A default subject is provided, but you can change it as needed.
      WebHook-DingTalk Bot	Request URL	The webhook URL requested. For more information about how to obtain the webhook URL, see Configure DingTalk chatbot notifications.
      	Title	The title of the webhook. A default title is provided, but you can change it as needed.

   3. Click Submit.
   4. In the dialog box that appears, click OK.
   After the subscription is created, you can move the pointer over the Subscribe button on the Reports tab to view the subscription.

   You can also click Subscribe to modify the subscription configurations and notification type or cancel the subscription.

   

   Note You can only create one subscription. To create a new subscription, you must cancel the existing one.
7. Optional: In the upper-right corner of the Reports tab, click Refresh to set the frequency to refresh log reports.
   

   Frequency	Description
   Once	Trigger a refresh immediately.
   Auto Refresh	Specify a refresh frequency. You can set it to 15 seconds, 60 seconds, 5 minutes, or 15 minutes.

Log report dashboards

Log reports provide a global view of Internet traffic, including basic traffic metrics, inbound and outbound traffic trends, and traffic distribution. The following table describes all dashboards supported by Cloud Firewall.