class Aws::WAFV2::Types::LoggingConfiguration
Defines an association between Amazon Kinesis Data Firehose destinations and a web ACL resource, for logging from WAF. As part of the association, you can specify parts of the standard logging fields to keep out of the logs and you can specify filters so that you log only a subset of the logging records.
@note When making an API call, you may pass LoggingConfiguration
data as a hash: { resource_arn: "ResourceArn", # required log_destination_configs: ["ResourceArn"], # required redacted_fields: [ { single_header: { name: "FieldToMatchData", # required }, single_query_argument: { name: "FieldToMatchData", # required }, all_query_arguments: { }, uri_path: { }, query_string: { }, body: { }, method: { }, json_body: { match_pattern: { # required all: { }, included_paths: ["JsonPointerPath"], }, match_scope: "ALL", # required, accepts ALL, KEY, VALUE invalid_fallback_behavior: "MATCH", # accepts MATCH, NO_MATCH, EVALUATE_AS_STRING }, }, ], managed_by_firewall_manager: false, logging_filter: { filters: [ # required { behavior: "KEEP", # required, accepts KEEP, DROP requirement: "MEETS_ALL", # required, accepts MEETS_ALL, MEETS_ANY conditions: [ # required { action_condition: { action: "ALLOW", # required, accepts ALLOW, BLOCK, COUNT }, label_name_condition: { label_name: "LabelName", # required }, }, ], }, ], default_behavior: "KEEP", # required, accepts KEEP, DROP }, }
@!attribute [rw] resource_arn
The Amazon Resource Name (ARN) of the web ACL that you want to associate with `LogDestinationConfigs`. @return [String]
@!attribute [rw] log_destination_configs
The Amazon Kinesis Data Firehose Amazon Resource Name (ARNs) that you want to associate with the web ACL. @return [Array<String>]
@!attribute [rw] redacted_fields
The parts of the request that you want to keep out of the logs. For example, if you redact the `HEADER` field, the `HEADER` field in the firehose will be `xxx`. <note markdown="1"> You must use one of the following values: `URI`, `QUERY_STRING`, `HEADER`, or `METHOD`. </note> @return [Array<Types::FieldToMatch>]
@!attribute [rw] managed_by_firewall_manager
Indicates whether the logging configuration was created by Firewall Manager, as part of an WAF policy configuration. If true, only Firewall Manager can modify or delete the configuration. @return [Boolean]
@!attribute [rw] logging_filter
Filtering that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation. @return [Types::LoggingFilter]
@see docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/LoggingConfiguration AWS API Documentation
Constants
- SENSITIVE