: Example: Use the API to Retrieve Traffic Logs
Focus
Focus

Example: Use the API to Retrieve Traffic Logs

Table of Contents

Example: Use the API to Retrieve Traffic Logs

Follow these steps to use the API retrieve traffic logs.
  1. Create a job to retrieve all traffic logs that occurred after a certain time:
    curl -X POST 'https://firewall/api?type=log&log-type=traffic&query=(receive_time geq '2012/06/22 08:00:00')"
    A web-browser will automatically URL encode the parameters, but when using cURL, the query parameter must be URL encoded.
    Response:
    <response status="success" code="19"> <result> <msg> <line>query job enqueued with jobid 18</line> </msg> <job>18</job> </result> </response>
  2. Retrieve traffic log data using the following request using the job ID as the value returned in the previous response:
    curl -X POST 'https://firewall/api?type=log&action=get&job-id=<id>"
  3. Confirm that the XML response looks similar to the following:
    <response status="success""> <result> <job>...</job> <log> <logs count="20" progress="100n> <entry logid="5753304543500710425"> <domain>1</domain> <receive_time>2012/06/13 15:43:17</receive_time> <serial>001606000117</serial> <segno>6784588</segno> <actionflags>0x0</actionflags> <type>TRAFFIC</type> <subtype>start</subtype> <config_ver>1</config_ver> <time_generated>2012/06/13 15:43:17</time_generated> <src>172.16.1.2</src> <dst>10.1.0.246</dst> <natsrc>10.16.0.96</natsrc> <natdst>10.1.0.246</natdst> <rule>default allow</rule>
    When the job status is FIN (finished), the response automatically includes all the logs in the XML data response. The <log> node in XML is not present when the job status is still pending. After successful log data retrieval, the system automatically deletes the job.
  4. ( Optional) Delete and active log retrieval job.To delete an active log retrieval job, run the following query:
    curl -X POST 'https://firewall/api?type=log&action=finish&job-id=<id>"
    A successful completion returns a job ID.