Learn how to improve your network security using firewall logs.

You can enable logging for your firewalls if the rules in the associated policy support it, and you are subscribed to Oracle Cloud Infrastructure Logging. Logs display log activity and the details of each logged event within a specified time frame. Logs show you when traffic triggers rules and help you improve security. For general information, see the Logging Service Documentation.

The Network Firewall service emits two log types:
  • Threat Log: Provides details on received firewall threats.
  • Traffic Log: Provides details on traffic passing through the firewall.
Logs are emitted to customers based on a five minute interval from the dataplane. The dataplane also registers logs as they're received.
For more detail about log contents and examples, see Details for Network Firewall Logs.

If you want to use intrusion detection, you must enable logging.