EdgeNext
Documentation home

EdgeNext Documentation

Product guides, setup instructions, and technical references.

Security CDN

Log Query

Security CDN provides an online Log Query feature, enabling users to quickly locate and filter WAF attack logs directly within the console—without downloading full log files. This supports faster issue diagnosis and initial investigation.

Key Capabilities

  • Multi-dimensional Filtering & Combined Search
    Enables precise filtering based on time range, source IP, request path, status code, attack type, risk level, and more.
  • Full-text Keyword Search
    Allows fuzzy keyword matching in fields such as URI, User-Agent, Referer, and request parameters to quickly locate suspicious behavior.
  • Detailed View of Single Log Entry
    Users can expand individual log records to view the complete request and defense handling details for accurate security analysis.

Guide: Conditional Filtering in Log Query

  1. Log in to the Security CDN Console.

  2. In the left navigation pane, go to Log > Log Query.

    日志检索1.png

  3. By default, the system loads log data from the last 24 hours.

  4. Use the filter fields to create complex queries by combining:

    • Domain
    • Attack Type
    • Mitigation Action
    • Risk Level
    • Rule ID
    • Attacker IP

    日志检索2.png

  5. After specifying the filtering conditions, click Search.

  6. The result set displays the following by default:

    • Timestamp
    • Attacker IP
    • Target Domain
    • URL

    日志检索3.png

  7. Use the Field Selector in the bottom-left to customize displayed fields (up to 27 options), including:

    • Continent
    • Country
    • Target Source Port
    • User-Agent
    • Rule ID
    • Attack Payload
    • Attack Category

    日志检索4.png

  8. After reviewing the results, click the Download button in the upper-right corner to export matched log entries.

    日志检索5.png

Need help? Contact our support team at support@edgenext.com.

Back to documentation home