# 5.1 Access Log
#### 📖 Overview
The **Access Log** module in ShieldsGuard gives you real-time visibility into **every single HTTP request** received by your protected site. Unlike the Security Log, which only shows suspicious or blocked events, the Access Log displays a **complete timeline of all traffic** — regardless of whether the request was allowed or not.
This tool is essential for:
* Traffic analysis
* User behavior tracking
* Request debugging
* Service monitoring
***
#### 🧠 What You Can See
Each entry in the Access Log includes:
| Field | Description |
| --------------- | ------------------------------------------ |
| **IP Address** | The source of the request |
| **URL** | The full path of the requested resource |
| **Method** | HTTP method used (GET, POST, PUT, etc.) |
| **Status Code** | HTTP response status (200, 403, 404, etc.) |
| **User Agent** | Client/browser that made the request |
| **Time** | Timestamp of the request |
***
#### 🔍 Advanced Filtering Options
The Access Log includes a powerful **filter bar** to quickly narrow down logs based on:
* IP Address
* URL or path fragment
* HTTP Method (GET, POST, etc.)
* Status Code (e.g., 200, 403, 500)
* User-Agent
* Time Range
Use these filters to:
* Investigate unusual spikes in traffic
* Identify error-generating endpoints
* Track specific users or bots
* Analyze how visitors interact with your application
***
#### 📈 Real-Time Analytics
The right-hand panel provides **live statistics**, including:
* Current Requests Per Second
* Most Visited URLs
* IPs making the most requests
* Distribution of HTTP Status Codes (Success vs Errors)
> ⚡ Live data updates in a 10-minute window. Use this view to detect bursts of activity or service pressure instantly.
***
#### 📋 Use Case Scenarios
| Scenario | Use Access Log to... |
| -------------------------------------- | ------------------------------------------------- |
| Analyze 404 error patterns | Filter logs by Status Code = 404 |
| Detect abusive crawling | Track User-Agent patterns and frequency |
| Confirm site uptime and responsiveness | Monitor consistent 200s across core pages |
| Investigate user sessions | Filter by single IP and observe full request flow |
| Troubleshoot feature errors | Combine URL + Method + Status = 500 |
***
#### 🛠️ Tips
* Combine Access Log with **Security Log** to correlate attack attempts with successful access.
* Use the **Advanced Search** to trace individual sessions across different routes.
* Monitor frequently requested but invalid URLs to identify potential probing behavior.
***
#### 📌 Notes
* Logs are stored with timezone-aware timestamps.
* Only the most recent data (last 10 minutes) is shown by default. For historical data, use date range filters.
* Export options may be available depending on your ShieldsGuard license level.
***
> 🎯 Use Access Log for operational insight, usage visibility, and technical diagnostics. It is your always-on recorder of everything that reaches your infrastructure — whether benign or suspicious.
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.shieldsguard.com/getting-started/5.-logs/5.1-access-log.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.