Example: Use the API to Retrieve Traffic Logs

1. Create a job to retrieve all traffic logs that occurred after a certain time:

   curl -X POST 'https://firewall/api?type=log&log-type=traffic&query=(receive_time geq '2012/06/22 08:00:00')"
   					

   A web-browser will automatically URL encode the parameters, but when using cURL, the query parameter must be URL encoded.

   Response:

   
   						<response status="success" code="19">
     <result>
       <msg>
         <line>query job enqueued with jobid 18</line>
       </msg>
       <job>18</job>
     </result>
   </response>
    
   					

2. Retrieve traffic log data using the following request using the job ID as the value returned in the previous response:

   curl -X POST 'https://firewall/api?type=log&action=get&job-id=<id>"
   					

3. Confirm that the XML response looks similar to the following:

   
   						<response status="success"">
   							<result>
   							<job>...</job>
   							<log>
   							<logs count="20" progress="100n>
   							<entry logid="5753304543500710425"> <domain>1</domain> <receive_time>2012/06/13 15:43:17</receive_time> <serial>001606000117</serial> <segno>6784588</segno>
   							<actionflags>0x0</actionflags> <type>TRAFFIC</type> <subtype>start</subtype> <config_ver>1</config_ver> <time_generated>2012/06/13 15:43:17</time_generated>
   							<src>172.16.1.2</src> <dst>10.2.0.246</dst> <natsrc>10.26.0.96</natsrc> <natdst>10.2.0.246</natdst> <rule>default allow</rule>  
   					

   When the job status is FIN (finished), the response automatically includes all the logs in the XML data response. The <log> node in XML is not present when the job status is still pending. After successful log data retrieval, the system automatically deletes the job.
4. ( Optional) Delete and active log retrieval job.To delete an active log retrieval job, run the following query:

   curl -X POST 'https://firewall/api?type=log&action=finish&job-id=<id>"
   					

   A successful completion returns a job ID.