Airlock Gateway logs and system service logs are stored in an Elasticsearch database. Depending on the configuration, a local or remote Elasticsearch installation is targeted.
Kibana is used to browse logs. A click on the Log Viewer menu item opens Kibana in Discover View. Some saved searches are predefined to simplify searching and filtering for specific log messages. The Lucene query language syntax can be used to create search queries.
- Kibana is also used for reporting. Some Airlock Gateway dashboards are predefined:
- Default – An overview dashboard with aggregated proxy and attack statistics.
- Application Statistics – Displays metrics aggregated by virtual hosts and mappings to identify top applications.
- Attacks: Details visualizations of attacks and their origins.
- Performance and Troubleshooting – A dashboard for analyzing performance issues and back-end problems.
- Session statistics – A dashboard with detailed session and header statistics.
The default dashboard is embedded in the Configuration Center and shown after logging in.