Interface ICfnLoggingConfigurationProps
Properties for defining a CfnLoggingConfiguration.
Namespace: Amazon.CDK.AWS.WAFv2
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public interface ICfnLoggingConfigurationPropsSyntax (vb)
Public Interface ICfnLoggingConfigurationPropsRemarks
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.WAFv2;
var jsonBody;
var loggingFilter;
var method;
var queryString;
var singleHeader;
var uriPath;
var cfnLoggingConfigurationProps = new CfnLoggingConfigurationProps {
LogDestinationConfigs = new [] { "logDestinationConfigs" },
ResourceArn = "resourceArn",
// the properties below are optional
LoggingFilter = loggingFilter,
RedactedFields = new [] { new FieldToMatchProperty {
JsonBody = jsonBody,
Method = method,
QueryString = queryString,
SingleHeader = singleHeader,
UriPath = uriPath
} }
};Synopsis
Properties
| LogDestinationConfigs | The logging destination configuration that you want to associate with the web ACL. |
| LoggingFilter | Filtering that specifies which web requests are kept in the logs and which are dropped. |
| RedactedFields | The parts of the request that you want to keep out of the logs. |
| ResourceArn | The Amazon Resource Name (ARN) of the web ACL that you want to associate with |
Properties
LogDestinationConfigs
The logging destination configuration that you want to associate with the web ACL.
object[] LogDestinationConfigs { get; }Property Value
object[]
Remarks
You can associate one logging destination to a web ACL.
Type union: (either string or IDeliveryStreamRef or ILogGroupRef or IBucketRef)[]
LoggingFilter
Filtering that specifies which web requests are kept in the logs and which are dropped.
object? LoggingFilter { get; }Property Value
Remarks
You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation.
RedactedFields
The parts of the request that you want to keep out of the logs.
object? RedactedFields { get; }Property Value
Remarks
For example, if you redact the SingleHeader field, the HEADER field in the logs will be REDACTED for all rules that use the SingleHeader FieldToMatch setting.
If you configure data protection for the web ACL, the protection applies to the data that AWS WAF sends to the logs.
Redaction applies only to the component that's specified in the rule's FieldToMatch setting, so the SingleHeader redaction doesn't apply to rules that use the Headers FieldToMatch .
You can specify only the following fields for redaction: <code>UriPath</code> , <code>QueryString</code> , <code>SingleHeader</code> , and <code>Method</code> . > This setting has no impact on request sampling. You can only exclude fields from request sampling by disabling sampling in the web ACL visibility configuration or by configuring data protection for the web ACL.
Type union: either IResolvable or (either IResolvable or CfnLoggingConfiguration.IFieldToMatchProperty)[]
ResourceArn
The Amazon Resource Name (ARN) of the web ACL that you want to associate with LogDestinationConfigs .
object ResourceArn { get; }