Airlock Gateway logs and system service logs are stored in an Elasticsearch database. Depending on the configuration, a local or remote Elasticsearch installation can be targeted.
Kibana is used to browse logs. A click on the Log Viewer submenu item opens Kibana in discover a view. A number of saved searches are predefined to simplify searching and filtering for specific log messages. The Lucene query language syntax can be used to create search queries.
- Kibana is also used for reporting. A number of Airlock Gateway dashboards are predefined:
- Default: An overview dashboard with aggregated proxy and attack statistics.
- Application Statistics: Displays metrics aggregated by virtual hosts and mappings to identify top applications.
- Attacks: Details visualizations of attacks and their origins.
- Performance and Troubleshooting: A dashboard for analyzing performance issues and back-end problems.
- Session statistics: A dashboard with detailed session and header statistics.