{"componentChunkName":"component---src-templates-acg-portal-intl-template-tsx","path":"/Slycrf9d5-intl","result":{"data":{"markdownRemark":{"html":"

攻击日志

\n

攻击日志为客户防护业务接入WAF后,会对其攻击日志进行采集,您可以通过攻击日志对防护对象的日志数据进行查询与下载分析,并基于查询与分析结果生成统计图表、创建告警等。

\n

前提条件

\n

1.已开通WAF服务

\n

2.已经将Web业务域名进行WAF的防护配置

\n

操作步骤

\n
    \n
  1. 登录Web应用防火墙 控制台。
    2. \n
  2. 在左侧导航栏,选择安全运营 > 攻击日志
    3. \n
  3. 在攻击日志页面上方,选择要查询日志的防护对象。
    4. \n
  4. 支持Web攻击防护、自定义规则防护、CC攻击防护查询
    5. \n
\n

\"image.png\"

\n

攻击检索条件

\n

下表描述了高级搜索支持设置的搜索条件。

\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
搜索条件说明
选择攻击类型支持SQL注入、文件上传、代码执行、文件读取、敏感信息探测、权限绕过、IP黑白名单等类型日志检索
攻击IP支持通过攻击者IP进行检索
攻击域名支持通过对攻击的域名进行检索
攻击时间支持通过不同时间维度进行检索
下载日志支持下载筛选日志结果
\n

攻击结果分析

\n

\"image.png\"\n\"image.png\"

\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
攻击类型攻击结果
Web攻击防护对攻击时间、攻击IP、攻击类型、受影响资产、来源评定、命中时间、防御模式等进行详细攻击日志查询
自定义防护规则对攻击时间、攻击IP、攻击类型、受影响资产、来源评定、命中时间、防御模式等进行详细攻击日志查询
CC攻击被攻击站点URL、攻击源IP、攻击起止、攻击详情进行分析
事件评定根据命中不同风险等级防护规则,进行事件评定中风险、高风险、低风险等
攻击详情对攻击行为进行详细定位分析,攻击时间、攻击类型、命中规则等
","fields":{"slug":"Slycrf9d5-intl","title":"攻击日志","date":"2025-08-22","extractedHeadings":[]},"headings":[{"value":"攻击日志","depth":2},{"value":"前提条件","depth":2},{"value":"操作步骤","depth":2},{"value":"攻击检索条件","depth":2},{"value":"攻击结果分析","depth":2}]}},"pageContext":{"isCreatedByStatefulCreatePages":false,"slug":"Slycrf9d5-intl","prev":{"id":"Ulvezt94v-intl","name":"报警设置","path":"Ulvezt94v-intl","filePath":"操作指南/报警设置.md","seo":null,"parentIds":["Vjwvyotj3-intl"],"parents":[{"id":"Vjwvyotj3-intl","documentId":"37310774-f6e3-4f52-9f35-eed00ce37dc6","name":"操作指南","repoName":"WAF","filePath":"操作指南","disabled":false,"path":"Vjwvyotj3-intl","lastMergeTime":null,"isApiDoc":null,"httpMethod":null,"seo":null}]},"next":{"id":"Kmemg0qk1","name":"安全报表","path":"Kmemg0qk1","filePath":"操作指南/安全运营/安全报表.md","seo":null,"parentIds":["Vjwvyotj3-intl","9lycoxgyv-intl"],"parents":[{"id":"Vjwvyotj3-intl","documentId":"37310774-f6e3-4f52-9f35-eed00ce37dc6","name":"操作指南","repoName":"WAF","filePath":"操作指南","disabled":false,"path":"Vjwvyotj3-intl","lastMergeTime":null,"isApiDoc":null,"httpMethod":null,"seo":null},{"id":"9lycoxgyv-intl","documentId":"e3e42dcb-a5db-401f-aea9-32af34bc7156","name":"安全运营","repoName":"WAF","filePath":"操作指南/安全运营","disabled":false,"path":"9lycoxgyv-intl","lastMergeTime":null,"isApiDoc":null,"httpMethod":null,"seo":null}]},"parents":[{"id":"Vjwvyotj3-intl","documentId":"37310774-f6e3-4f52-9f35-eed00ce37dc6","name":"操作指南","repoName":"WAF","filePath":"操作指南","disabled":false,"path":"Vjwvyotj3-intl","lastMergeTime":null,"isApiDoc":null,"httpMethod":null,"seo":null},{"id":"9lycoxgyv-intl","documentId":"e3e42dcb-a5db-401f-aea9-32af34bc7156","name":"安全运营","repoName":"WAF","filePath":"操作指南/安全运营","disabled":false,"path":"9lycoxgyv-intl","lastMergeTime":null,"isApiDoc":null,"httpMethod":null,"seo":null}],"specificSeo":null}}}