getTrafficLog

Available in Classic

Get traffic logs generated by Secure Zone Firewall.

Request

The following describes the request format for the endpoint. The request format is as follows:

Method	URI
POST	/{type}/{zone}/getTrafficLog

Request headers

For headers common to Secure Zone APIs, see Secure Zone request headers.

Request path parameters

The following describes the parameters.

Field	Type	Required	Description
`type`	String	Required	firewall type provided by Secure Zone `szfw` \| `psfw` `szfw`: Secure Zone Standard `psfw`: Secure Zone Advanced
`zone`	String	Required	Zone in which Secure Zone is configured `kr1` \| `kr2` `kr1`: KR-1 zone `kr2`: KR-2 zone

Request body

The following describes the request body.

Field	Type	Required	Description
`action`	String	Optional	Allow/deny `allow` \| `deny`
`countPerPage`	Integer	Optional	Number of items per page 0 (default)
`page`	Integer	Optional	Page index 0 (default)
`fromDate`	Date	Required	Start date of the query period
`toDate`	Date	Required	End date of the query period
`timeZone`	String	Optional	Time zone +09:00 (default)
`destinationIp`	String	Optional	Destination IP address
`port`	String	Optional	Destination port number
`protocol`	String	Optional	Destination protocol
`sourceIp`	String	Optional	Origin IP address

Request example

The following is a sample request.

curl --location --request POST 'https://securezonefirewall.apigw.ntruss.com/api/v2/szfw/kr2/getTrafficLog'
--header 'x-ncp-apigw-timestamp: {Timestamp}' \
--header 'x-ncp-iam-access-key: {Access Key}' \
--header 'x-ncp-apigw-signature-v2: {API Gateway Signature}' \
--header 'x-ncp-mbr_no: {User number}' \
--header 'Content-Type: application/json' \
--data '{
  "fromDate": "2024-07-01T00:32:14.953Z",
  "toDate": "2024-07-03T04:59:58.525Z"
}'

Response

The following describes the response format.

Response body

The following describes the response body.

Field	Type	Required	Description
`action`	String	-	Request type
`returnCode`	Integer	-	Response code
`returnMessage`	String	-	Response message
`totalCount`	Integer	-	Total number of traffic logs
`trafficLogList[]`	Array	-	Traffic log information
`trafficLogList[].receiveDate`	Long	-	Log occurrence date (Unix timestamp)
`trafficLogList[].sourceIp`	String	-	Origin IP address
`trafficLogList[].sourceServerName`	String	-	Origin server name
`trafficLogList[].destinationIp`	String	-	Destination IP address
`trafficLogList[].destinationServerName`	String	-	Destination server name
`trafficLogList[].protocol`	String	-	Destination protocol
`trafficLogList[].service`	String	-	Service
`trafficLogList[].port`	String	-	Destination port number
`trafficLogList[].action`	String	-	Allow/deny `allow` \| `deny`
`trafficLogList[].policyName`	String	-	Policy name

Response status codes

For response status codes common to NAVER Cloud Platform, see Ncloud API response status codes.

Response example

The following is a sample example.

{
    "action": "getTrafficLog",
    "returnCode": 0,
    "returnMessage": "success",
    "totalCount": 5,
    "trafficLogList": [
        {
            "receiveDate": 1719982292000,
            "sourceIp": "***.***.***.***",
            "sourceServerName": "",
            "destinationIp": "***.***.***.***",
            "destinationServerName": "sv-securezone",
            "protocol": "TCP",
            "service": "SSH",
            "port": "22",
            "action": "deny",
            "policyName": "Policy(Default Deny)"
        },
        {
            "receiveDate": 1719982286000,
            "sourceIp": "***.***.***.***",
            "sourceServerName": "",
            "destinationIp": "***.***.***.***",
            "destinationServerName": "sv-securezone",
            "protocol": "TCP",
            "service": "SSH",
            "port": "22",
            "action": "deny",
            "policyName": "Policy(Default Deny)"
        },
        {
            "receiveDate": 1719982282000,
            "sourceIp": "***.***.***.***",
            "sourceServerName": "",
            "destinationIp": "***.***.***.***",
            "destinationServerName": "sv-securezone",
            "protocol": "TCP",
            "service": "SSH",
            "port": "22",
            "action": "deny",
            "policyName": "Policy(Default Deny)"
        },
        {
            "receiveDate": 1719982281000,
            "sourceIp": "***.***.***.***",
            "sourceServerName": "",
            "destinationIp": "***.***.***.***",
            "destinationServerName": "sv-securezone",
            "protocol": "TCP",
            "service": "SSH",
            "port": "22",
            "action": "deny",
            "policyName": "Policy(Default Deny)"
        },
        {
            "receiveDate": 1719982279000,
            "sourceIp": "***.***.***.***",
            "sourceServerName": "",
            "destinationIp": "***.***.***.***",
            "destinationServerName": "sv-securezone",
            "protocol": "TCP",
            "service": "SSH",
            "port": "22",
            "action": "deny",
            "policyName": "Policy(Default Deny)"
        }
    ]
}