Oracle Cloud Infrastructure Documentation

Enable Logs for a Firewall

Learn how to enable logs for a network firewall.

To enable logging, configure Oracle Cloud Infrastructure Logging (OCI) for the Network Firewall service and enable logging for the firewall. These tasks can be completed in any order. However, OCI Logging must be configured to view and manage logs.

Enable logging for the firewall

  1. Open the navigation menu, and select Identity & Security. Under Firewalls, select Network Firewalls policies.
  2. Select the compartment that contains the firewall that you want to enable logging for.
  3. Select the firewall.
  4. On the details page, select the Monitoring tab, and then scroll to the Logs section.
  5. In the Logs list, select the Actions menu (three dots) for the type of log that you want to use, and then select Enable log.

Enable OCI Logging for the Network Firewall

  1. Open the navigation menu  and select Observability & Management. Under Logging, select Logs.
  2. Select the Actions menu at the top of the list of logs, and then select Enable service log.
  3. Select a compartment that you have permission to work in.
  4. Select Network Firewall from the Service list.
  5. Select the firewall from the Resource list.
  6. In Log category list, select the type of log to create (the same type that you enabled in the preceding task).
    Note

    You can have only one log for any combination of service, resource, and log category.
  7. In the Log name box, type a name for the log.
  8. Select Enable auto archiving to object storage (legacy) to automatically create a bucket in your compartment, and place a copy of your log there.
  9. Under Advanced options, specify a log group to place the log in

    • In Compartment, select the compartment that contains for the log group.

    • In Log Group, select a log group for the log.
  10. (Optional) Under the Advanced options, specify the retention period.
  11. (Optional) In the Add tags section, add one or more tags to the log.
    If you have permissions to create a resource, then you also have permissions to apply free-form tags to that resource. To apply a defined tag, you must have permissions to use the tag namespace. For more information about tagging, see Resource Tags. If you're not sure whether to apply tags, skip this option or ask an administrator. You can apply tags later.
  12. Select Enable log.
The Log details page is displayed, and the log is in the process of being created (a "Creating log" message is displayed).