Put Logging Configuration
waf_put_logging_configuration | R Documentation |
This is AWS WAF Classic documentation¶
Description¶
This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Associates a LoggingConfiguration with a specified web ACL.
You can access information about all traffic that AWS WAF inspects using the following steps:
-
Create an Amazon Kinesis Data Firehose.
Create the data firehose with a PUT source and in the region that you are operating. However, if you are capturing logs for Amazon CloudFront, always create the firehose in US East (N. Virginia).
Do not create the data firehose using a
Kinesis stream
as your source. -
Associate that firehose to your web ACL using a
put_logging_configuration
request.
When you successfully enable logging using a put_logging_configuration
request, AWS WAF will create a service linked role with the necessary
permissions to write logs to the Amazon Kinesis Data Firehose. For more
information, see Logging Web ACL Traffic
Information
in the AWS WAF Developer Guide.
Usage¶
Arguments¶
LoggingConfiguration
[required] The Amazon Kinesis Data Firehose that contains the inspected traffic information, the redacted fields details, and the Amazon Resource Name (ARN) of the web ACL to monitor.
When specifying
Type
inRedactedFields
, you must use one of the following values:URI
,QUERY_STRING
,HEADER
, orMETHOD
.
Value¶
A list with the following syntax:
list(
LoggingConfiguration = list(
ResourceArn = "string",
LogDestinationConfigs = list(
"string"
),
RedactedFields = list(
list(
Type = "URI"|"QUERY_STRING"|"HEADER"|"METHOD"|"BODY"|"SINGLE_QUERY_ARG"|"ALL_QUERY_ARGS",
Data = "string"
)
)
)
)