Get Firewall Logs

Get Firewall Logs

Log filters are encapsulated in a FIQL filter query parameter. Sample filter: filter=(timestamp=gt=2020-07-24T00:00:00,timestamp=lt=2020-08-24T00:00:00;ruleId==a4ec73d6-9937-4b32-bdc7-b4dda5366391) Supported filters are:

  • timestamp. Log timestamp. This is optional. Must be in ISO 8601 format (i.e. 2020-07-24T00:00:00.000Z). Defaults to the current time.
  • ruleId. Id of the firewall rule. This is optional. This field is responsible for filtering logs based on rule firewall rule id.
  • addressFamily. IP address family. Either IPV4 or IPV6. This is optional.
  • reason. Criteria for which an action is taken by the firewall rule. This is optional.
  • action. Action taken by the firewall rule. This is optional.
  • direction. Direction of network traffic on the edge gateway. Can be IN or OUT. This is optional.
  • protocol. The protocol used for communication between source and destination hosts. Can be TCP, UDP or PROTO. This is optional.
  • sourceIpAddress. IP address of the source host. This is optional. Must be either in IPv4 or IPv6 format. This field is responsible for filtering logs based on the specified source IP.
  • sourcePort. Port of the source host. This is optional. This field is responsible for filtering logs based on the specified source port.
  • destinationIpAddress. IP address of the destination host. This is optional. Must be either in IPv4 or IPv6 format. This field is responsible for filtering logs based on the specified destination IP.
  • destinationPort. Port of the destination host. This is optional. This field is responsible for filtering logs based on the specified destination port.
Request
URI
GET
https://{api_host}/cloudapi/2.0.0/edgeGateways/{gatewayId}/firewall/logs
COPY
Path Parameters
string
externalNetworkId
Required

externalNetworkId

string
externalNetworkId
Required

externalNetworkId

Query Parameters
string
filter
Optional

Filter for a query. FIQL format.

string
sortAsc
Optional

Field to use for ascending sort

string
sortDesc
Optional

Field to use for descending sort

integer
page
Required

Page to fetch, zero offset.

integer
pageSize
Required

Results per page to fetch.


Authentication
This operation uses the following authentication methods.
Responses
200

OK

Returns GatewayFirewallLogs of type(s) application/json;version=39.0
This response body class contains all of the following: Page , InlineGatewayFirewallLogs1
{
    "resultTotal": 0,
    "pageCount": 0,
    "page": 0,
    "pageSize": 0,
    "associations": [
        {
            "entityId": "string",
            "associationId": "string"
        }
    ],
    "values": [
        {
            "timestamp": "2020-07-24T00:00:00.000+0000",
            "addressFamily": "string",
            "reason": "string",
            "action": "string",
            "ruleId": "string",
            "ruleName": "string",
            "direction": "string",
            "packetLength": 0,
            "protocol": "string",
            "sourceIpAddress": "string",
            "sourcePort": 0,
            "destinationIpAddress": "string",
            "destinationPort": 0
        }
    ]
}