Firewall Logging
To store firewall logs, first create a bucket in Object Storage for the logs and configure that bucket in the log repository of Firewall Logging. Then, on the Firewall Details page, set up log storage, and the firewall logs will be saved to the Object Storage bucket.
To save firewall logs, configure it according to the following steps.
- To store firewall logs, you can create a bucket in Object Storage or use an existing bucket. To create a bucket, refer to Create Object Storage.
- To set the bucket for the Firewall Logging log repository, refer to Firewall Logging 로그 저장소 사용하기.
- To set the log storage option to Enabled in the detailed view of the Firewall, refer to Using Firewall Log Storage.
Firewall Logging Configure log storage usage
To set the firewall’s log storage to enabled, you must first configure the log repository in Firewall Logging.
To enable the Firewall Logging log repository, follow these steps.
- Click the All Services > Management > Network Logging > Firewall Logging menu. Go to the Firewall Logging List page.
- On the Firewall Logging List page, click the top Log Storage Settings button. You will be taken to the Log Storage Settings popup.
- Log storage settings In the popup window, select the log storage bucket. When you select a bucket, the log storage path is displayed.
- Log storage settings In the popup window, after verifying Log storage bucket and Log storage path, click the Confirm button.
- Notification After reviewing the popup message, click the Confirm button.
View Firewall Logging List
If you configure the Firewall Logging log storage bucket, you can view the Firewall Logging list.
To view the Firewall Logging list, follow these steps.
- Click the All Services > Management > Network Logging > Firewall Logging menu. You will be taken to the Firewall Logging List page.
- On the Firewall Logging List page, verify the resources in use and the log storage targets.
Category Detailed description Resource ID Firewall ID Save target Firewall name Save registration date and time Firewall log repository registration timestamp Table. Firewall Logging list items
Check detailed information of Firewall Logging
Refer to the information below to view the detailed contents of the stored log.
Stored log example: 2024-10-11T11:23:43,deny,0,17,4.1.1.100,45499,192.168.10.10,53
| Category | description |
|---|---|
| 2024-10-11T11:23:43 | Date and time of the log occurrence (2024-10-11, 11:23:43) |
| deny | Action (deny / accept) |
| 0 | Firewall Rule ID (Policy ID) that generated the log |
| 17 | IP Protocol ID
|
| 4.1.1.100 | Source IP |
| 45499 | Departure Port |
| 192.168.10.10 | Destination IP |
| 53 | Destination Port |
Firewall Logging Configure to not use log storage
In Firewall Logging, you can set the log repository to unused.
Firewall Logging To disable the log repository, follow the steps below.
- Click the All Services > Management > Network Logging > Firewall Logging menu. You will be taken to the Firewall Logging List page.
- Firewall Logging List page, click the top Log Storage Settings button. You will be taken to the Log Storage Settings popup.
- Log storage settings In the popup window, select Log storage bucket as Not used, and click the Confirm button.
- Log storage settings can be changed when no log storage target is configured.
- To change the log storage bucket, first set it to disabled. Then you can modify it by re-enabling it.