Log Shipping

Web Application Firewall

Release Notes and Announcements

Release Notes

Product Announcement

Adjusting Billing of WAF BOT Traffic Management

Announcements

Security Advisory

Notice for Apache Log4j 2 RCE Vulnerability (CVE-2021-44832)

Notice for Apache Log4j 2 RCE Vulnerability (CVE-2021-45046)

Notice for Apache Log4j 2 RCE Vulnerability (CVE-2021-44228)

Notice for WebLogic Console HTTP RCE Vulnerability

Notice for Exchange Server Command Execution Vulnerability

Notice for Yonyou GRP-U8 SQL Injection Vulnerability

Notice for Apache Cocoon XXE Vulnerability (CVE-2020-11991)

Notice for WordPress File Manager Arbitrary Code Execution Vulnerability

Jenkins Security Advisory for September

Notice for Apache Struts 2 RCE Vulnerabilities (CVE-2019-0230 and CVE-2019-0233)

Notice for Apache SkyWalking SQL Injection Vulnerability (CVE-2020-13921)

Product Introduction

Purchase Guide

Billing Overview

WAF Plan Upgrade Method

Getting Started

Operation Guide

SaaS WAF Connection

Step 1. Add a Domain Name

Step 2. Perform Local Testing

Step 3. Modify DNS Resolution

Step 4. Configure a Security Group

Step 5. Verify the Configuration

CLB WAF Connection

Step 1. Confirm CLB Configuration

Step 2. Bind Domain Name to CLB Instance

Step 3: Verify the configuration

Connect Via Instance Object

Cloud-Native Instance Object Access

Bot and Application Security

Bot Settings

Bot Management

Overview

Rule Overview

Advanced

Client Risk Identification

Bot Analytics

AI Policies

Threat Intelligence Module

Bot Flow Statistics Module

Action Settings

Bot Traffic Visibility

Asset Center

Advanced Connection Feature

API Asset Management

Basic Security Configurations

CC Protection Rule Settings

Web Tamper Protection

Data Leakage Protection

API Security

API Security Management

API Traffic Analysis

Threat Operation

API Event Management

Bot Event Management

Blocklist/Allowlist Protection Settings

Features

IP Blocklist

IP Allowlist

Precise Allowlist Management

Statistics and Logs

Sandbox Isolation Status

Practical Tutorial

WAF CCP Overview

Bot Management

Best Practices of Scenario-Based Bot Configuration

API Security

API Security Practice Tutorial

WAF Working with API Gateway

API Capacity Protection

API Data Security and Enhancement

API Exposure Management

API Behavior Control

Integration

Combined Application of WAF and Anti-DDoS Pro

Applying for and Using Free HTTPS Certificates

Obtaining Real Client IPs

Replacing Certificate

Protection Configuration

Setting CC Protection

Connecting Frontend-Backend Separated Site to WAF CAPTCHA

Setting WAF Exception Alarms in TCOP

Best Practices of Bot Traffic Management Connection

API Documentation

Making API Requests

Asset Management APIs

DescribeDomains

Billing APIs

CreateDeals

GenerateDealsAndPayNew

DescribeInstances

Protection Settings APIs

Other APIs

IP Management APIs

DeleteIpAccessControlV2

DescribeBatchIpAccessControl

DescribeIpAccessControl

CreateIpAccessControl

ModifyIpAccessControl

ImportIpAccessControl

Integration APIs

DescribeHostLimit

DescribeUserDomainInfo

DescribeCertificateVerifyResult

ModifySpartaProtection

AddSpartaProtection

DescribePorts

DescribeUserClbWafRegions

RefreshAccessCheckResult

DeleteSpartaProtection

DescribeCiphersDetail

DescribeDomainDetailsClb

DescribeDomainDetailsSaas

ModifyDomainIpv6Status

Log Service APIs

ModifyDomainPostAction

SearchAttackLog

Security Overview APIs

DescribeTopAttackDomain

DescribeAttackOverview

FAQS

Connection

Service Level Agreement

WAF Policy

Data Processing And Security Agreement

Glossary

DocumentationWeb Application FirewallOperation GuideStatistics and LogsLog Shipping

Log Shipping

Download PDF

Last updated: 2023-12-29 14:51:09

Log Shipping

Last updated: 2023-12-29 14:51:09

Download PDF

Log Shipping
Log shipping allows you to send logs to CLS and CKafka, helping you gain more out of logs and meet user needs for operation and maintenance. To ship custom fields for your access logs, submit a ticket.
Note
For any exception with log shipping, contact us.
To ship attack logs/access logs, activate the paid you need.
After the shipping destination is configured, enable log shipping as instructed.
Log shipping can be used with log service. Enable these features as needed.
Shipping Logs to CLS
To ship logs to CLS, you need to activate CLS and grant WAF required permissions.
Note
If CLS is already activated, skip to Step 3.
1. Log in to the WAF console. Select Access Logs/Attack Logs on the left sidebar and the Log shipping tab.
2. If you have not activated CLS, click Activate now. For details, see Cloud Log Service.
3. Authorize WAF to ship data to CLS.
3.1 In the Shipping to CLS section, click Configure.
﻿
﻿
3.2 In the pop-up window, click Authorize now.
﻿
﻿
3.3 On the CAM authorization page, click Authorize to allow WAF to ship logs to CLS. If you encounter problems during the process, see Cloud Access Management.
3.4 Return to the log shipping page and click Configure now. Select the shipping region and log topic and then click OK. Alternatively, click Create to automatically create a WAF logset waf_post_logset. See the CLS console for details.
﻿
﻿
3.5 After logs are sent to CLS, you can enable log shipping for the desired domain names. For details, see Enabling Log Shipping.
Note
For any exception with authorization, submit a ticket.
Shipping Logs to CKafka
Prerequisites
You have purchased CKafka instances, and set the instance bandwidth based on actual log usage.
A ticket is required for connecting your supported environment to CKafka.
Directions
1. Log in to the WAF console. Navigate to Access Logs>Log shipping.
2. Authorize WAF to ship logs to the specified CKafka instance.
2.1 On the log shipping page, click Configure now to open an authorization pop-up window.
﻿
﻿
2.2 In the pop-up window, click Authorize now.
﻿
﻿
2.3 On the CAM authorization page, click Authorize to allow CKafka to send data to WAF. If you encounter problems during the process, see Cloud Access Management.
﻿
﻿
2.4 After the authorization is complete, go back to the log shipping page and click Configure now.
3. In the pop-up window, set the required parameters and click OK.
Supportive environment: Select Tencent Cloud products that you purchased and can be used with CKafka, and then select a CKafka instance and IP port.
﻿
﻿
Parameter
Description
Remarks
Region
For more information about CKafka supported regions, see Regions and AZs.
To connect your supportive environment to CKafka, submit a ticket.
﻿
Instance
The CKafka instance running in the current region.
﻿
Topic ID/name
The topic ID and name.
﻿
Supportive environment
The route specified to connect the supportive environment.
Public domain name: Select a CKafka instance and public domain name and enter the username and password of the instance.
﻿
﻿
Parameter
Description
Region
For more information about CKafka supported regions, see Regions and AZs.
Instance
The CKafka instance running in the current region.
Topic ID/name
The topic ID and name.
Supportive environment
The route specified to connect the supportive environment.
Username
The SASL username.
Password
The SASL password.
4. After logs are sent to CKafka, you can enable log shipping for the desired domain names.
Enabling Log Shipping
After shipping logs to CLS or shipping logs to Ckafka, you need to enable log delivery for the specified domain name/instance.
Note
Shipping attack logs is enabled at the instance level. This feature is only available for instances of Enterprise and above editions.
Shipping access logs is enabled at the domain level. This feature is available for all instances, regardless of the edition.
Enabling attack log shipping
1. Log in to the WAF console and select Instance Management on the left sidebar.
2. On the instance management page, click Instance name to bring up the sidebar.
﻿
﻿
3. In the instance details, click 
﻿
 to enable attack log shipping for the current instance.
﻿
﻿
Enabling access log shipping
1. Log in to the WAF console and navigate to Connection Management > Domain names.
2. On the page displayed, select a target domain name and click  More > Log shipping.
﻿
﻿
3. In the advanced settings window, select logs to ship and click Save.
﻿
﻿

Was this page helpful?

You can also Contact Sales or Submit a Ticket for help.

Yes

Parameter	Description	Remarks
Region	For more information about CKafka supported regions, see Regions and AZs.	To connect your supportive environment to CKafka, submit a ticket.
	Instance		The CKafka instance running in the current region.
	Topic ID/name		The topic ID and name.
	Supportive environment		The route specified to connect the supportive environment.

tencent cloud

New User Offers

Next-Generation CDN：EdgeOne

Elasticsearch Service free trial

Free Tier

Tencent Cloud Startup Program

Special Offers

Lighthouse Special Offers

Cloud Object Storage Special Offers

Featured Products

New Products

Education

Tencent Cloud Online Education Solutions

Gaming

Gaming Solution

Game Media Solutions

E-commerce

E-commerce retail solutions

Audio & Video

Audio/Video Solution

LVB Recording Solution

Interactive Classroom Solution

Interactive Live Streaming Solution

Audio Chat Social Networking Solution

Financial Services

Financial Services Solution

Compute

Cloud Virtual Machine

Auto Scaling

Batch Compute

CVM Dedicated Host

Database

TencentDB for MySQL

TencentDB for Redis®

TencentDB for CTSDB

TDSQL for MySQL

Data Transfer Service

TencentDB for MongoDB

TencentDB for PostgreSQL

TencentDB for SQL Server

Video Service

Cloud Streaming Services

Video on Demand

Media Processing Service

Cloud Application Rendering

Cloud Contact Center

Game Multimedia Engine

Chat

Real-time Communication

Tencent Effect SDK

AI and Machine Learning

Image Creation Large Model

Face Fusion

eKYC

Optical Character Recognition

Video Creation Large Model

Industry Applications

Tencent HealthCare Omics Platform

Container and Middleware

TDMQ for CKafka

Serverless Cloud Function

Tencent Kubernetes Engine

Tencent Kubernetes Engine for Serverless

Networking

Cloud Load Balancer

Virtual Private Cloud

Direct Connect

Cloud Connect Network

NAT Gateway

VPN Connection

Bandwidth Package

Anycast Internet Acceleration

Elastic Network Interface

Flow Logs

Global Application Acceleration Platform

Security

Captcha

Cloud Workload Protection Platform

Data Security Governance Center

Key Management Service