This topic describes how to export log query results to your local device by using Log Service for WAF.


  1. Log on to the Web Application Firewall console.
  2. In the top navigation bar, select the resource group to which the instance belongs and the region, Mainland China or International, in which the instance is deployed.
  3. In the left-side navigation pane, choose Log Management > Log Service .
  4. On the Log Service page, click the Log Query tab, enter a query statement, and click Search & Analyze.
  5. On the Raw Logs tab, click the download icon Download on the right.
    Note The download icon is not displayed if no query result is found.
  6. In the Log Download dialog box, select Download Log in Current Page or Download all logs in the CLI console.Log Download dialog box
    • Download Log in Current Page: After you select this radio button, click OK to export raw log data that is queried on the current page as a CSV file to your local device.
    • Download all logs in the CLI console
      1. Install the CLI. For more information, see User Guide.
      2. Go to the Security Management page and view and record the AccessKey ID and AccessKey secret of the current user.
      3. Click Copy command and paste the command in the CLI, replace AccessID obtained in step 2 and AccessKey obtained in step 2 with the AccessKey ID and AccessKey secret of the current user, and run the command.

      All raw log data that is recorded by WAF is automatically downloaded and saved to the download_data.txt file in the directory where the command was run.