Help Center/
Web Application Firewall/
User Guide (ME-Abu Dhabi Region) /
Viewing Protection Events/
Querying Protection Events
Updated on 2025-05-15 GMT+08:00
Querying Protection Events
WAF sorts out the attacks, the ten websites attacked the most, ten attack source IP addresses that launched the most attacks, and the ten URLs attacked the most for a selected time range. You can view the blocked or logged events on the Events page. You can view details of events generated by WAF, including the occurrence time, attack source IP address, geographic location of the attack source IP address, malicious load, and hit rule for an event.
Constraints
- On the WAF console, you can view the event data for all protected domain names over the last 30 days. You can authorize LTS to log WAF activities so that you can view attack and access logs and store all logs for a long time. For more details, see Using LTS to Log WAF Activities.
- If you switch the WAF working mode for a website to Suspended, WAF only forwards all requests to the website without inspection. It does not log any attack events neither.
- If the security software installed on your server blocks the event file from being downloaded, close the software and download the file again.
Viewing Protection Event Logs
- Log in to the management console.
- Click
in the upper left corner of the management console and select a region or project. - Click
in the upper left corner of the page and choose . - In the navigation pane on the left, click Events.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbot
