This is AWS WAF Classic documentation. For more information, see AWS WAF Classic in the developer guide.
For the latest version of AWS WAF, use the AWS WAFV2 API and see the AWS WAF Developer Guide. With the latest version, AWS WAF has a single set of endpoints for regional and global use.
Associates a LoggingConfiguration with a specified web ACL.
You can access information about all traffic that AWS WAF inspects using the following steps:
Create an Amazon Kinesis Data Firehose.
Create the data firehose with a PUT source and in the region that you are operating. However, if you are capturing logs for Amazon CloudFront, always create the firehose in US East (N. Virginia).
Do not create the data firehose using a Kinesis stream as your
source.
Associate that firehose to your web ACL using a
put_logging_configuration
request.
When you successfully enable logging using a
put_logging_configuration
request, AWS WAF will create a service linked role with the necessary
permissions to write logs to the Amazon Kinesis Data Firehose. For more
information, see Logging Web ACL Traffic Information
in the AWS WAF Developer Guide.
wafregional_put_logging_configuration(LoggingConfiguration)A list with the following syntax:
list(
LoggingConfiguration = list(
ResourceArn = "string",
LogDestinationConfigs = list(
"string"
),
RedactedFields = list(
list(
Type = "URI"|"QUERY_STRING"|"HEADER"|"METHOD"|"BODY"|"SINGLE_QUERY_ARG"|"ALL_QUERY_ARGS",
Data = "string"
)
)
)
)
[required] The Amazon Kinesis Data Firehose that contains the inspected traffic information, the redacted fields details, and the Amazon Resource Name (ARN) of the web ACL to monitor.
When specifying Type in RedactedFields, you must use one of the
following values: URI, QUERY_STRING, HEADER, or METHOD.
svc$put_logging_configuration(
LoggingConfiguration = list(
ResourceArn = "string",
LogDestinationConfigs = list(
"string"
),
RedactedFields = list(
list(
Type = "URI"|"QUERY_STRING"|"HEADER"|"METHOD"|"BODY"|"SINGLE_QUERY_ARG"|"ALL_QUERY_ARGS",
Data = "string"
)
)
)
)