Help Center/ Cloud Firewall/ API Reference/ API/ Log Analysis/ Querying Access Control Statistics Details
Updated on 2025-08-12 GMT+08:00

Querying Access Control Statistics Details

Function

This API is used to query details about access control statistics.

Calling Method

For details, see Calling APIs.

URI

GET /v1/{project_id}/cfw/logs/top-access-detail

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Definition

Project ID, which is used to specify the project that an asset belongs to. You can query the assets of a project by project ID. You can obtain the project ID from the API or console. For details, see Obtaining a Project ID.

Constraints

N/A

Range

32-bit UUID.

Default Value

N/A

Table 2 Query Parameters

Parameter

Mandatory

Type

Description

fw_instance_id

Yes

String

Definition

Firewall ID. It is a unique ID generated after a firewall instance is created. You can obtain the firewall ID by referring to Obtaining a Firewall ID.

Constraints

N/A

Range

32-bit UUID.

Default Value

N/A

range

No

Integer

Definition

Time range.

Constraints

N/A

Range

0 (last hour), 1 (last day), or 2 (last seven days)

Default Value

N/A

direction

No

String

Definition

Session direction.

Constraints

N/A

Range

in2out (outbound) or out2in (inbound)

Default Value

N/A

start_time

No

Long

Definition

Start time.

Constraints

N/A

Range

Milliseconds-level timestamp.

Default Value

N/A

end_time

No

Long

Definition

End time.

Constraints

N/A

Range

Milliseconds-level timestamp.

Default Value

N/A

vgw_id

No

Array of strings

Definition

VGW ID

Constraints

N/A

Range

32-bit UUID.

Default Value

N/A

log_type

No

String

Definition

Log type.

Constraints

N/A

Range

internet (north-south logs), nat (NAT logs), vpc (east-west logs), or vgw (VGW logs)

Default Value

N/A

item

Yes

String

Definition

Aggregation type.

Constraints

N/A

Range

top_deny_rule: the blocking rule that was hit

dst_ip: blocked destination IP address

src_ip: blocked source IP address

dst_port: blocked port

dst_region: blocked destination region

src_region: blocked source region

Default Value

N/A

item_id

Yes

String

Definition

Aggregated object.

Constraints

N/A

Range

N/A

Default Value

N/A

Request Parameters

None

Response Parameters

Status code: 200

Table 3 Response body parameters

Parameter

Type

Description

data

AccessDetailVO object

Table 4 AccessDetailVO

Parameter

Type

Description

dst_ip_count

Long

Definition

Number of destination IP addresses.

Range

N/A

dst_port_count

Long

Definition

Number of destination ports.

Range

N/A

hit_count

Long

Definition

Number of hits.

Range

N/A

protocol_count

Long

Definition

Number of protocols.

Range

N/A

recent_end_time

Long

Definition

End time.

Range

N/A

recent_start_time

Long

Definition

Start time.

Range

N/A

record_total

Long

Definition

Number of records.

Range

N/A

records

Array of AccessLogInfo objects

Definition

Hit details.

Range

N/A

rule_hit_count

Long

Definition

Number of hit rules.

Range

N/A

src_ip_count

Long

Definition

Number of source IP addresses.

Range

N/A

Table 5 AccessLogInfo

Parameter

Type

Description

action

String

Definition

Action.

Range

N/A

app

String

Definition

Application.

Range

N/A

url

String

dst_host

String

Definition

Destination domain name.

Range

N/A

dst_ip

String

Definition

Destination IP address.

Range

N/A

dst_port

Integer

Definition

Destination port.

Range

N/A

dst_region_id

String

Definition

Destination region ID.

Range

N/A

dst_region_name

String

Definition

Destination region name.

Range

N/A

dst_province_id

String

Definition

Destination province ID.

Range

N/A

dst_province_name

String

Definition

Destination province name.

Range

N/A

dst_city_id

String

Definition

Destination city ID.

Range

N/A

dst_city_name

String

Definition

Destination city name.

Range

N/A

hit_time

Long

Definition

Hit time.

Range

N/A

log_id

String

protocol

String

Definition

Protocol.

Range

N/A

rule_id

String

Definition

Rule ID.

Range

N/A

rule_name

String

Definition

Rule name.

Range

N/A

rule_type

Integer

src_ip

String

Definition

Source IP address.

Range

N/A

src_port

Integer

Definition

Source port.

Range

N/A

src_region_id

String

Definition

Source region ID.

Range

N/A

src_region_name

String

Definition

Source region name.

Range

N/A

src_province_id

String

Definition

Source province ID.

Range

N/A

src_province_name

String

Definition

Source province name.

Range

N/A

src_city_id

String

Definition

Source city ID.

Range

N/A

src_city_name

String

Definition

Source city name.

Range

N/A

vgw_id

String

Definition

VGW ID.

Range

N/A

qos_rule_id

String

qos_rule_name

String

qos_rule_type

Integer

Status code: 400

Table 6 Response body parameters

Parameter

Type

Description

error_code

String

Definition

Error code.

Range

N/A

error_msg

String

Definition

Error message.

Range

N/A

Example Requests

Query the details about blocked outbound traffic. The project ID is 7db2c6e2934046dd8c5a996ed4780c5b, the firewall ID is a7df0f6c-da03-4511-ad0b-b17b589ff0ec, the time range is 1 hour, and the IP address is 59.39.0.152.

v1/7db2c6e2934046dd8c5a996ed4780c5b/cfw/logs/top-access-detail?fw_instance_id=a7df0f6c-da03-4511-ad0b-b17b589ff0ec&item=dst_ip&range=0&direction=in2out&item_id=59.39.0.152

Example Responses

Status code: 200

OK

{
  "data" : {
    "dst_ip_count" : 1,
    "dst_port_count" : 1,
    "hit_count" : 3,
    "protocol_count" : 1,
    "recent_end_time" : 1751545553000,
    "recent_start_time" : 1751545469000,
    "record_total" : 3,
    "records" : [ {
      "action" : "deny",
      "app" : "HTTP",
      "dst_ip" : "59.39.0.152",
      "dst_port" : 80,
      "dst_region_id" : "CN",
      "dst_region_name" : "China",
      "dst_province_id" : "GD",
      "dst_province_name" : "Guangdong",
      "dst_city_id" : "Foshan",
      "dst_city_name" : "Foshan",
      "hit_time" : 1751545498000,
      "protocol" : "TCP",
      "rule_id" : "1ceb7988-b11b-4f1e-b7f1-1a807e9e89f3",
      "rule_name" : "deny",
      "src_ip" : "121.37.223.24",
      "src_port" : 39948,
      "src_region_id" : "CN",
      "src_region_name" : "China",
      "src_province_id" : "GD",
      "src_province_name" : "Guangdong",
      "src_city_id" : "Guangzhou",
      "src_city_name" : "Guangzhou"
    } ],
    "rule_hit_count" : 1,
    "src_ip_count" : 1
  }
}

Status code: 400

Bad Request

{
  "error_code" : "CFW.00200007",
  "error_msg" : "Incorrect time range."
}

Status Codes

Status Code

Description

200

OK

400

Bad Request

Error Codes

See Error Codes.