The page has been translated by Gen AI.

Security Group Logging

To store Security Group logs, first create a bucket in Object Storage for log storage and configure that bucket in the Security Group Logging repository. Then, on the Security Group Details page, set up log storage, and the Security Group logs will be saved to the Object Storage bucket.

To save Security Group logs, follow these steps.

To store Security Group logs, you can create a bucket in Object Storage or use an existing bucket. To create a bucket, refer to Object Storage 생성하기.
To configure the bucket for the log repository of Security Group Logging, refer to Security Group Logging Log Repository Setup.
In the Security Group detail view, to set log storage to Enabled, please refer to Security Group Enable Log Storage.

Security Group Logging Configure log storage usage

To set the log storage option of a Security Group to Enabled, you must first configure a log repository in Security Group Logging.

Reference

To set up the log repository for Security Group Logging, you need an Object Storage bucket for log storage. First, create a bucket in the Object Storage service. For more details, refer to Create Object Storage.

To enable the log repository for Security Group Logging, follow these steps.

All Services > Management > Network Logging > Security Group Logging Click the menu. You will be taken to the Security Group Logging List page.
On the Security Group Logging List page, click the Log Storage Settings button at the top. You will be taken to the Log Storage Settings popup.
Log storage settings In the popup window, select the log storage bucket. When you select a bucket, the log storage path is displayed.
Log storage settings In the popup window, after checking Log storage bucket and Log storage path, click the Confirm button.
Notification After reviewing the message in the popup window, click the Confirm button.

guide

After configuring the log repository for Security Group Logging, you must set the log storage option to Enabled on the Security Group Details page for logging to begin. For more details, refer to Security Group Log Storage Usage.

Query Security Group Logging List

If you configure the log storage bucket for Security Group Logging, you can view the Security Group Logging list.

To view the Security Group Logging list, follow these steps.

Click the All Services > Management > Network Logging > Security Group Logging menu. Navigate to the Security Group Logging List page.
Security Group Logging List page, verify the resources in use and the log storage targets.
Category Detailed description
Resource ID Security Group ID
Save target Security Group name
Save registration date and time Security Group log storage registration timestamp
Table. Security Group Logging list items
Reference
After configuring the log repository for Security Group Logging, you must set the log storage option to Enabled in the Security Group detail view for logging to begin. For more details, see Security Group Log Storage Usage.

Category	Detailed description
Resource ID	Security Group ID
Save target	Security Group name
Save registration date and time	Security Group log storage registration timestamp

Security Group Logging Check detailed information

The stored logs have different detailed information depending on the protocol. Refer to the information below to view the details.

TCP / UDP

Example of stored log: 2024-10-11T02:18:39,drop,to-lport: tcp,198.19.65.2,6443,192.168.22.131,20427

Category	Explanation
2024-10-11T02:18:39	Log date and time (2024-10-11, 02:18:39)
drop	Action (drop / allow)
to-lport	Direction to-lport: inbound from-lport: outbound
tcp	Protocol (tcp / udp / icmp / ip)
192.168.65.2	Source IP
6443	Departure Port
192.168.22.131	Destination IP
20427	Destination Port

Table. TCP/UDP log detailed information items

ICMP

Saved log example: 2024-10-11T02:18:39,allow,to-lport: icmp,192.168.65.2,192.168.22.131,8

Category	description
2024-10-11T02:18:39	Log date and time (2024-10-11, 02:18:39)
to-lport	Direction to-lport: inbound from-lport: outbound
allow	Action (drop / allow)
tcp	Protocol (tcp / udp / icmp / ip)
192.168.65.2	Source IP
192.168.22.131	Destination IP
8	ICMP type ID

Table. ICMP log detailed information items

IP

Stored log example: 2024-10-11T02:18:39,deny,ip,192.168.65.2,192.168.22.131,103

Category	Explanation
2024-10-11T02:18:39	Log date and time (2024-10-11, 02:18:39)
deny	Action (drop / allow)
ip	Protocol
192.168.65.2	Source IP
192.168.22.131	Destination IP
103	IP Protocol ID 1: ICMP 6: TCP 17: UDP

Table. IP Log Detailed Information Items

Security Group Logging Disable Log Storage Configuration

In Security Group Logging, you can set the log storage to unused.

To disable the log repository for Security Group Logging, follow these steps.

Click the All Services > Management > Network Logging > Security Group Logging menu. You will be taken to the Security Group Logging List page.
Security Group Logging List page, click the top Log Storage Settings icon. You will be taken to the Log Storage Settings popup window.
Log storage configuration in the popup window, select log storage bucket as Not used, and click the Confirm button.

Reference

Log storage settings can be changed when no log storage target is configured.
To change the log storage bucket, first set it to disabled. Then you can modify it by re-enabling it.

How-to guides

Migration Rules