1 Answer
3
Hello Elson,
Default AWS WAF logs lack details on challenge responses. To gain insights:
- Enable logging for specific fields like request_headers in your WAF logging configuration.
- Check CloudTrail logs around the challenge timeframe for WAF events (e.g., wafv2:RuleAction).
Web ACL logging configuration: https://docs.aws.amazon.com/waf/latest/developerguide/logging.html
Logging and monitoring in AWS WAF: https://docs.aws.amazon.com/whitepapers/latest/aws-security-incident-response-guide/aws-security-incident-response-guide.html
Thank you for your answer. Unfortunately, the AWS WAF logging configuration doesn't allow you to enable logging for specific fields like request_headers. Also, when I checked the CloudTrail log, it only showed the events originating from my actions.