View log reports

Procedure

1. Log on to the Cloud Firewall console.
2. In the left-side navigation pane, choose Log Analysis > Log Analysis.
3. On the Log Analysis page, click the Reports tab. In the upper-right corner of the Reports tab, click Please Select.
   
4. In the Time panel, specify a time range to query the log reports of Internet traffic. You can specify a time range in the Relative, Time Frame, or Custom section.

   Section	Description
   Relative	If you specify a time range in this section, log data that is collected within the specified time range is displayed. This time range is accurate to seconds. Assume that the current point in time is 2019-10-17 23:08:00. The value 2019-10-17 23:07:00~2019-10-17 23:08:00 indicates that log data collected in the last minute is displayed. You can customize a time range that is accurate to days, hours, minutes, or seconds.
   Time Frame	If you specify a time range in this section, log data that is collected within the specified time range is displayed. This time range is accurate to hours. Assume that the current point in time is 2019-10-17 00:00:00. The value 2019-10-10 00:00:00~2019-10-17 00:00:00 indicates that log data collected in the last week is displayed. You can customize a time range in days, hours, or minutes.
   Custom	If you specify a time range in this section, log data that is collected within the custom time range is displayed. This time range is accurate to minutes.

   After you specify a time range, all dashboards on the Reports tab are refreshed to display traffic data collected within the time range.

   For more information about the dashboards, see Log report dashboard.

   Note The system applies the time settings only to the current tab and does not save the settings. The next time you open the Reports tab, the dashboard displays data based on the default time setting.
5. Optional:On the Reports tab, perform operations on a widget.
   In the upper-right corner of the required widget, click the icon.

   You can perform the following operations on the widget:

   • Select Time Range: You can specify a relative time range, time frame, or custom time range to allow the widget to display log data of a specific metric. For more information, see Time settings.
   • Download Log: You can select this option to save the logs as an Excel file to your computer.
   • Download Chart: You can select this option to save the widget as a PNG file to your computer.
   • Preview Query Statement: You can click the icon to view the statement that is used to query the log data of a specific metric. You can use the statement to query the log data on the Logs tab. For more information, see Log search and analysis.
6. Optional:Subscribe to log reports. You can specify a frequency at which the system sends log report notifications by email or DingTalk chatbot.

   In the upper-right corner of the Reports tab, click Subscribe.In the Create Subscription panel, subscribe to the log reports of Internet traffic.

   1. In the Subscription Configuration step, configure the parameters.

      Parameter	Description
      Subscription Name	The name of the log report subscription. A default name is provided. You can change the name based on your business requirements.
      Frequency	The frequency at which log report notifications are sent. Valid values: Hourly: A notification is sent every hour. Daily: A notification is sent each day at a specified hour between 00:00 and 23:00. Weekly: A notification is sent each week on a specified day at a specific hour between 00:00 and 23:00. Fixed Interval: A notification is sent at a specified interval. You can select Days or Hours. Cron: Use a cron expression to customize the frequency. The time specified in a cron expression is accurate to minutes and is in the 24-hour notation. You can refer to the examples in the console to write a cron expression.
      Add Watermark	The address to which the notification is sent is attached to the image as a watermark. It can be an email address or a webhook URL of the DingTalk chatbot.

   2. Click Next to specify a notification method.

      Notification method	Parameter	Description
      Email	Recipients	The email address of the recipient. You can add more than one recipient.
      	Subject	The subject of the email. A default subject is provided. You can change the subject based on your business requirements.
      WebHook-DingTalk Bot	Request URL	The webhook request URL. For more information about how to obtain the URL, see Configure DingTalk chatbot notifications.
      	Title	The title of the webhook. A default title is provided. You can change the title based on your business requirements.

   3. Click Submit.
   4. In the message that appears, click OK.
   After the subscription is created, you can move the pointer over Subscribe on the Reports tab to view the subscription.

   You can also click Subscribe to modify the subscription configurations and notification method or cancel the subscription.

   

   Note You can create only one subscription. To create a subscription, you must cancel the existing one.
7. Optional:In the upper-right corner of the Reports tab, click Refresh to specify the frequency at which you want to refresh log reports.
   

   Frequency	Description
   Once	Log reports are immediately refreshed.
   Auto Refresh	Log reports are refreshed at the frequency that you specify. You can set the frequency to 15 seconds, 60 seconds, 5 minutes, or 15 minutes.

Log report dashboard

Log reports provide a global view of Internet traffic, including basic traffic metrics, inbound and outbound traffic trends, and traffic distribution. The following table describes all widgets supported by Cloud Firewall.