This topic describes how to export log query results to your computer by using the Log Service for WAF feature.


  1. Log on to the Web Application Firewall console.
  2. In the top navigation bar, select the resource group to which the instance belongs and the region, Mainland China or International, in which the instance is deployed.
  3. In the left-side navigation pane, choose Log Management > Log Service .
  4. Click the Log Query tab, enter a query statement, and then click Search & Analyze.
  5. On the Raw Logs tab, click the download icon Download on the right.
    Note If no query results are returned, the download icon does not appear.
  6. In the Log Download dialog box, select Download Log in Current Page or Download all logs in the CLI console. Download log files
    • Download Log in Current Page: After you select this option button, click OK to export the raw log data queried on the current page as a CSV file to your computer.
    • Download all logs in the CLI console
      1. Install the command-line interface (CLI). For more information, see User Guide.
      2. Go to the Security Management page. Then, view and record the AccessKey ID and AccessKey secret of the current user.
      3. Click Copy command and paste the command in the CLI. Replace AccessID obtained in Step 2 and AccessKey obtained in Step 2 with the AccessKey ID and AccessKey secret of the current user. Then, run the command.

      All the raw log data of WAF is automatically downloaded and saved to the download_data.txt file in the directory where the command is run.