tencent cloud

PrevNext

Feedback

search by keyword

Recent Pages

Documentation
Web Application Firewall
    Documentation
    Download PDF

    Log Shipping

    Last updated: 2023-12-29 14:51:09
    Download PDF

      Log Shipping

      Log shipping allows you to send logs to CLS and CKafka, helping you gain more out of logs and meet user needs for operation and maintenance. To ship custom fields for your access logs, submit a ticket.
      Note
      For any exception with log shipping, contact us.
      To ship attack logs/access logs, activate the paid you need.
      After the shipping destination is configured, enable log shipping as instructed.
      Log shipping can be used with log service. Enable these features as needed.

      Shipping Logs to CLS

      To ship logs to CLS, you need to activate CLS and grant WAF required permissions.
      Note
      If CLS is already activated, skip to Step 3.
      1. Log in to the WAF console. Select Access Logs/Attack Logs on the left sidebar and the Log shipping tab.
      2. If you have not activated CLS, click Activate now. For details, see Cloud Log Service.
      3. Authorize WAF to ship data to CLS.
      3.1 In the Shipping to CLS section, click Configure.
      
      
      3.2 In the pop-up window, click Authorize now.
      
      
      3.3 On the CAM authorization page, click Authorize to allow WAF to ship logs to CLS. If you encounter problems during the process, see Cloud Access Management.
      3.4 Return to the log shipping page and click Configure now. Select the shipping region and log topic and then click OK. Alternatively, click Create to automatically create a WAF logset waf_post_logset. See the CLS console for details.
      
      
      3.5 After logs are sent to CLS, you can enable log shipping for the desired domain names. For details, see Enabling Log Shipping.
      Note
      For any exception with authorization, submit a ticket.

      Shipping Logs to CKafka

      Prerequisites

      You have purchased CKafka instances, and set the instance bandwidth based on actual log usage.
      A ticket is required for connecting your supported environment to CKafka.

      Directions

      1. Log in to the WAF console. Navigate to Access Logs>Log shipping.
      2. Authorize WAF to ship logs to the specified CKafka instance.
      2.1 On the log shipping page, click Configure now to open an authorization pop-up window.
      
      
      2.2 In the pop-up window, click Authorize now.
      
      
      2.3 On the CAM authorization page, click Authorize to allow CKafka to send data to WAF. If you encounter problems during the process, see Cloud Access Management.
      
      
      2.4 After the authorization is complete, go back to the log shipping page and click Configure now.
      3. In the pop-up window, set the required parameters and click OK.
      Supportive environment: Select Tencent Cloud products that you purchased and can be used with CKafka, and then select a CKafka instance and IP port.
      
      
      Parameter
      Description
      Remarks
      Region
      For more information about CKafka supported regions, see Regions and AZs.
      To connect your supportive environment to CKafka, submit a ticket.
      Instance
      The CKafka instance running in the current region.
      Topic ID/name
      The topic ID and name.
      Supportive environment
      The route specified to connect the supportive environment.
      Public domain name: Select a CKafka instance and public domain name and enter the username and password of the instance.
      
      
      Parameter
      Description
      Region
      For more information about CKafka supported regions, see Regions and AZs.
      Instance
      The CKafka instance running in the current region.
      Topic ID/name
      The topic ID and name.
      Supportive environment
      The route specified to connect the supportive environment.
      Username
      The SASL username.
      Password
      The SASL password.
      4. After logs are sent to CKafka, you can enable log shipping for the desired domain names.

      Enabling Log Shipping

      After shipping logs to CLS or shipping logs to Ckafka, you need to enable log delivery for the specified domain name/instance.
      Note
      Shipping attack logs is enabled at the instance level. This feature is only available for instances of Enterprise and above editions.
      Shipping access logs is enabled at the domain level. This feature is available for all instances, regardless of the edition.

      Enabling attack log shipping

      1. Log in to the WAF console and select Instance Management on the left sidebar.
      2. On the instance management page, click Instance name to bring up the sidebar.
      
      
      3. In the instance details, click
      
      to enable attack log shipping for the current instance.
      
      

      Enabling access log shipping

      1. Log in to the WAF console and navigate to Connection Management > Domain names.
      2. On the page displayed, select a target domain name and click More > Log shipping.
      
      
      3. In the advanced settings window, select logs to ship and click Save.
      
      
      Contact Us

      Contact our sales team or business advisors to help your business.

      Contact Us
      Technical Support

      Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

      Submit a Ticket
      7x24 Phone Support
      Copyright © 2013-2024 Tencent Cloud. All Rights Reserved.
      Privacy PolicyLegalCookie Policy