Submenu – Reporting

Airlock Gateway logs and system service logs are stored in an Elasticsearch database. Depending on the configuration, a local or remote Elasticsearch installation can be targeted.

Kibana is used to browse logs. A click on the Log Viewer submenu item opens Kibana in discover a view. A number of saved searches are predefined to simplify searching and filtering for specific log messages. The Lucene query language syntax can be used to create search queries.

  • Kibana is also used for reporting. A number of Airlock Gateway dashboards are predefined:
  • Default: An overview dashboard with aggregated proxy and attack statistics.
  • Application Statistics: Displays metrics aggregated by virtual hosts and mappings to identify top applications.
  • Attacks: Details visualizations of attacks and their origins.
  • Performance and Troubleshooting: A dashboard for analyzing performance issues and back-end problems.
  • Session statistics: A dashboard with detailed session and header statistics.