Export logs to your computer or ship logs to OSS-Cloud Firewall(Cloud Firewall)-阿里云帮助中心

Prerequisites

The log analysis feature of Cloud Firewall must be enabled. For more information, see Overview of log analysis.

You can download logs directly from the console to your computer.

Important

If a download request exceeds the maximum number of logs allowed per download, only the maximum number is downloaded. To download all logs, narrow the time range of your query and perform multiple downloads.
You can view your download history in the Download Tasks dialog box.
Each Alibaba Cloud account supports a maximum of three concurrent download tasks. This limit is shared across all RAM users. Exceeding this limit causes an error. If an error occurs, wait for the existing tasks to complete before you try again.
Export records are automatically deleted after 24 hours.
The system automatically retries a download task if a network error occurs or if query results are imprecise. If the task still fails after three retries, its status is set to Failed.

Log on to the Cloud Firewall console.
In the left-side navigation pane, choose Detection & Response > Log Analysis. Then, click the Logs tab.
To download the results of a specific query, first set your query conditions and run the query. For more information, see Query and analyze logs.
On the Raw Logs tab, click the icon and select Download Log.
Note
If no logs are available, the Download Log option is disabled.

In the Download Log dialog box, configure the following parameters and click OK.

Parameter	Description
Task Name	Download task name.
Log Quantity	Number of logs to download.
Data Format	CSV or JSON. CSV: Column names come from the first 100 log fields. New fields in subsequent logs are stored in JSON format in an unnamed final column. JSON: Each log entry is a single JSON line.
Quote	Encloses fields containing special characters to prevent unintended escaping.
Download Inaccurate Results	If you select No, the download fails if the query results are inaccurate.
Compression Method	gzip, lz4, zstd, or none. Compression significantly reduces file size and download time for large datasets.

In the Download Tasks dialog box, wait for the task status to change to Successful, and then click Download.
You can also open the Download Tasks dialog box by clicking the icon on the Raw Logs tab and selecting Download Tasks.

For large log volumes or long-term analysis, you can periodically ship logs to an OSS bucket. For instructions, see Create an OSS data shipping job (new version).