Skip to content

Get Sampled Requests

waf_get_sampled_requests R Documentation

This is AWS WAF Classic documentation

Description

This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.

For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

Gets detailed information about a specified number of requests–a sample–that AWS WAF randomly selects from among the first 5,000 requests that your AWS resource received during a time range that you choose. You can specify a sample size of up to 500 requests, and you can specify any time range in the previous three hours.

get_sampled_requests returns a time range, which is usually the time range that you specified. However, if your resource (such as a CloudFront distribution) received 5,000 requests before the specified time range elapsed, get_sampled_requests returns an updated time range. This new time range indicates the actual period during which AWS WAF selected the requests in the sample.

Usage

waf_get_sampled_requests(WebAclId, RuleId, TimeWindow, MaxItems)

Arguments

WebAclId

[required] The WebACLId of the WebACL for which you want get_sampled_requests to return a sample of requests.
RuleId

[required] RuleId is one of three values:

  • The RuleId of the Rule or the RuleGroupId of the RuleGroup for which you want get_sampled_requests to return a sample of requests.

  • Default_Action, which causes get_sampled_requests to return a sample of the requests that didn't match any of the rules in the specified WebACL.
TimeWindow

[required] The start date and time and the end date and time of the range for which you want get_sampled_requests to return a sample of requests. You must specify the times in Coordinated Universal Time (UTC) format. UTC format includes the special designator, Z. For example, "2016-09-27T14:50Z". You can specify any time range in the previous three hours.
MaxItems

[required] The number of requests that you want AWS WAF to return from among the first 5,000 requests that your AWS resource received during the time range. If your resource received fewer requests than the value of MaxItems, get_sampled_requests returns information about all of them.

Value

A list with the following syntax:

list(
  SampledRequests = list(
    list(
      Request = list(
        ClientIP = "string",
        Country = "string",
        URI = "string",
        Method = "string",
        HTTPVersion = "string",
        Headers = list(
          list(
            Name = "string",
            Value = "string"
          )
        )
      ),
      Weight = 123,
      Timestamp = as.POSIXct(
        "2015-01-01"
      ),
      Action = "string",
      RuleWithinRuleGroup = "string"
    )
  ),
  PopulationSize = 123,
  TimeWindow = list(
    StartTime = as.POSIXct(
      "2015-01-01"
    ),
    EndTime = as.POSIXct(
      "2015-01-01"
    )
  )
)

Request syntax

svc$get_sampled_requests(
  WebAclId = "string",
  RuleId = "string",
  TimeWindow = list(
    StartTime = as.POSIXct(
      "2015-01-01"
    ),
    EndTime = as.POSIXct(
      "2015-01-01"
    )
  ),
  MaxItems = 123
)

Examples

## Not run: 
# The following example returns detailed information about 100 requests
# --a sample-- that AWS WAF randomly selects from among the first 5,000
# requests that your AWS resource received between the time period
# 2016-09-27T15:50Z to 2016-09-27T15:50Z.
svc$get_sampled_requests(
  MaxItems = 100L,
  RuleId = "WAFRule-1-Example",
  TimeWindow = list(
    EndTime = "2016-09-27T15:50Z",
    StartTime = "2016-09-27T15:50Z"
  ),
  WebAclId = "createwebacl-1472061481310"
)

## End(Not run)