WafLog

WafLog
WafLog
JSON Example
{
    "allowlist_configured": false,
    "allowlist_logs": [
        {
            "actions": [
                "string"
            ],
            "rule_name": "string"
        }
    ],
    "allowlist_processed": false,
    "application_rule_logs": [
        {
            "matches": [
                {
                    "is_internal": false,
                    "match_element": "string",
                    "match_value": "string",
                    "match_value_offset": 0
                }
            ],
            "msg": "string",
            "omitted_match_elements": 0,
            "phase": "string",
            "rule_group": "string",
            "rule_id": 0,
            "rule_name": "string",
            "tags": [
                "string"
            ]
        }
    ],
    "application_rules_configured": false,
    "application_rules_processed": false,
    "latency_request_body_phase": 0,
    "latency_request_header_phase": 0,
    "latency_response_body_phase": 0,
    "latency_response_header_phase": 0,
    "learning_status": "string",
    "memory_allocated": 0,
    "omitted_app_rule_stats": {
        "match_elements": 0,
        "rules": 0
    },
    "omitted_signature_stats": {
        "match_elements": 0,
        "rules": 0
    },
    "psm_configured": false,
    "psm_logs": [
        {
            "actions": [
                "string"
            ],
            "group_name": "string",
            "group_uuid": "string",
            "location": "string",
            "matches": [
                {
                    "is_internal": false,
                    "match_element": "string",
                    "match_value": "string",
                    "match_value_offset": 0
                }
            ],
            "rule_id": "string",
            "rule_name": "string"
        }
    ],
    "psm_processed": false,
    "rule_logs": [
        {
            "matches": [
                {
                    "is_internal": false,
                    "match_element": "string",
                    "match_value": "string",
                    "match_value_offset": 0
                }
            ],
            "msg": "string",
            "omitted_match_elements": 0,
            "phase": "string",
            "rule_group": "string",
            "rule_id": 0,
            "rule_name": "string",
            "tags": [
                "string"
            ]
        }
    ],
    "rules_configured": false,
    "rules_processed": false,
    "status": "string"
}
boolean
allowlist_configured
Optional

Set to true if there are allowlist rules in the policy. Field introduced in 20.1.3. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.

allowlist_logs
Optional

Log Entries generated by WAF allowlist rules. Field introduced in 20.1.3. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.

boolean
allowlist_processed
Optional

Set to true if allowlist rules were processed. Field introduced in 20.1.3. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.

array of WafRuleLog
application_rule_logs
Optional

Log Entries generated by Application Specific Signature rules. Field introduced in 20.1.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

boolean
application_rules_configured
Optional

Set to true if there are Application Specific Signature rules in the policy. Field introduced in 20.1.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

boolean
application_rules_processed
Optional

Set to true if Application Specific Signature rules were processed. Field introduced in 20.1.3. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.

integer As uint64 As uint64
latency_request_body_phase
Optional

Latency (in microseconds) in WAF Request Body Phase. Field introduced in 17.2.2. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

integer As uint64 As uint64
latency_request_header_phase
Optional

Latency (in microseconds) in WAF Request Header Phase. Field introduced in 17.2.2. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

integer As uint64 As uint64
latency_response_body_phase
Optional

Latency (in microseconds) in WAF Response Body Phase. Field introduced in 17.2.2. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

integer As uint64 As uint64
latency_response_header_phase
Optional

Latency (in microseconds) in WAF Response Header Phase. Field introduced in 17.2.2. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

string
learning_status
Optional
Constraints: default: NOT_ACTIVE

Indicate if this request is used for learning. If it is not used, this field contains the reason for this decision. Enum options - NOT_ACTIVE, LEARNED, NOTHING_TO_LEARN, SERVER_ERROR, FLAGGED_BY_WAF, SKIPPED_BY_SAMPLING, CLIENT_IS_NOT_AUTHENTICATED, CLIENT_IS_NOT_TRUSTED, CLIENT_IS_A_BOT, ERROR. Field introduced in 30.2.1. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.

integer As uint64 As uint64
memory_allocated
Optional

The total memory (in bytes) consumed by WAF to process this request. Field introduced in 22.1.1. Unit is BYTES. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.

omitted_app_rule_stats
Optional

omitted_app_rule_stats

omitted_signature_stats
Optional

omitted_signature_stats

boolean
psm_configured
Optional

Set to true if there are Positive Security Model rules in the policy. Field introduced in 18.2.3. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

array of WafPSMLog
psm_logs
Optional

Log Entries generated by WAF Positive Security Model. Field introduced in 18.2.3. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

boolean
psm_processed
Optional

Set to true if Positive Security Model rules were processed. Field introduced in 20.1.3. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.

array of WafRuleLog
rule_logs
Optional

Field introduced in 17.2.1. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

boolean
rules_configured
Optional

Set to true if there are ModSecurity rules in the policy. Field introduced in 18.2.3. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

boolean
rules_processed
Optional

Set to true if ModSecurity rules were processed. Field introduced in 20.1.3. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.

string
status
Optional

Denotes whether WAF is running in detection mode or enforcement mode, whether any rules matched the transaction, and whether transaction is dropped by the WAF module. Enum options - NO_WAF, FLAGGED, PASSED, REJECTED, ALLOWLISTED, BYPASSED. Field introduced in 17.2.2. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

Property Of