Web Application Firewall (WAF) provides the log configuration feature, which allows you to configure flexible log settings based on your business requirements. You can configure log fields to be delivered for a single protected object or for all protected objects at the time. You can also configure the storage capacity and retention period of logs based on your business requirements.
Feature introduction
Operation | Description |
Manage log delivery status | After you enable log delivery, you can deliver WAF logs to Simple Log Service. This allows you to manage and monitor the real-time security status of web applications in a centralized manner, improve the response efficiency of security events, and identify security threats based on data analysis. |
Upgrade log storage capacity | After you enable the Simple Log Service for WAF feature in WAF, you can upgrade the log storage capacity when the storage usage is about to reach or has reached the upper limit. If you do not upgrade the log storage capacity in a timely manner, your WAF logs may fail to be written to the related Logstore. |
Configure a log retention period | After you enable the Simple Log Service for WAF feature in WAF, you can modify the retention period of logs based on your protection and analysis requirements. The default retention period is 180 days. |
Configure log fields to be delivered | After you enable the Simple Log Service for WAF feature in WAF, you can retain the default settings of log fields to be delivered or configure log fields to be delivered for specific protected objects based on your business requirements. You can also manage and configure log fields for different protected objects in a centralized manner. |