PutLoggingConfiguration - AWS WAFV2

PutLoggingConfiguration

Enables the specified LoggingConfiguration , to start logging from a web ACL, according to the configuration provided.

You can access information about all traffic that AWS WAF inspects using the following steps:

  1. Create an Amazon Kinesis Data Firehose.

    Create the data firehose with a PUT source and in the Region that you are operating. If you are capturing logs for Amazon CloudFront, always create the firehose in US East (N. Virginia).

    Give the data firehose a name that starts with the prefix aws-waf-logs-. For example, aws-waf-logs-us-east-2-analytics.

    Note

    Do not create the data firehose using a Kinesis stream as your source.

  2. Associate that firehose to your web ACL using a PutLoggingConfiguration request.

When you successfully enable logging using a PutLoggingConfiguration request, AWS WAF will create a service linked role with the necessary permissions to write logs to the Amazon Kinesis Data Firehose. For more information, see Logging Web ACL Traffic Information in the AWS WAF Developer Guide.

Note

This operation completely replaces the mutable specifications that you already have for the logging configuration with the ones that you provide to this call. To modify the logging configuration, retrieve it by calling GetLoggingConfiguration , update the settings as needed, and then provide the complete logging configuration specification to this call.

Request Syntax

{ "LoggingConfiguration": { "LogDestinationConfigs": [ "string" ], "LoggingFilter": { "DefaultBehavior": "string", "Filters": [ { "Behavior": "string", "Conditions": [ { "ActionCondition": { "Action": "string" }, "LabelNameCondition": { "LabelName": "string" } } ], "Requirement": "string" } ] }, "ManagedByFirewallManager": boolean, "RedactedFields": [ { "AllQueryArguments": { }, "Body": { }, "JsonBody": { "InvalidFallbackBehavior": "string", "MatchPattern": { "All": { }, "IncludedPaths": [ "string" ] }, "MatchScope": "string" }, "Method": { }, "QueryString": { }, "SingleHeader": { "Name": "string" }, "SingleQueryArgument": { "Name": "string" }, "UriPath": { } } ], "ResourceArn": "string" } }

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

Response Syntax

{ "LoggingConfiguration": { "LogDestinationConfigs": [ "string" ], "LoggingFilter": { "DefaultBehavior": "string", "Filters": [ { "Behavior": "string", "Conditions": [ { "ActionCondition": { "Action": "string" }, "LabelNameCondition": { "LabelName": "string" } } ], "Requirement": "string" } ] }, "ManagedByFirewallManager": boolean, "RedactedFields": [ { "AllQueryArguments": { }, "Body": { }, "JsonBody": { "InvalidFallbackBehavior": "string", "MatchPattern": { "All": { }, "IncludedPaths": [ "string" ] }, "MatchScope": "string" }, "Method": { }, "QueryString": { }, "SingleHeader": { "Name": "string" }, "SingleQueryArgument": { "Name": "string" }, "UriPath": { } } ], "ResourceArn": "string" } }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

Errors

For information about the errors that are common to all actions, see Common Errors.

WAFInternalErrorException

Your request is valid, but AWS WAF couldn’t perform the operation because of a system problem. Retry your request.

HTTP Status Code: 500

WAFInvalidOperationException

The operation isn't valid.

HTTP Status Code: 400

WAFInvalidParameterException

The operation failed because AWS WAF didn't recognize a parameter in the request. For example:

  • You specified a parameter name or value that isn't valid.

  • Your nested statement isn't valid. You might have tried to nest a statement that can’t be nested.

  • You tried to update a WebACL with a DefaultAction that isn't among the types available at DefaultAction .

  • Your request references an ARN that is malformed, or corresponds to a resource with which a web ACL can't be associated.

HTTP Status Code: 400

WAFLimitsExceededException

AWS WAF couldn’t perform the operation because you exceeded your resource limit. For example, the maximum number of WebACL objects that you can create for an AWS account. For more information, see AWS WAF quotas in the AWS WAF Developer Guide.

HTTP Status Code: 400

WAFNonexistentItemException

AWS WAF couldn’t perform the operation because your resource doesn’t exist.

HTTP Status Code: 400

WAFOptimisticLockException

AWS WAF couldn’t save your changes because you tried to update or delete a resource that has changed since you last retrieved it. Get the resource again, make any changes you need to make to the new copy, and retry your operation.

HTTP Status Code: 400

WAFServiceLinkedRoleErrorException

AWS WAF is not able to access the service linked role. This can be caused by a previous PutLoggingConfiguration request, which can lock the service linked role for about 20 seconds. Please try your request again. The service linked role can also be locked by a previous DeleteServiceLinkedRole request, which can lock the role for 15 minutes or more. If you recently made a call to DeleteServiceLinkedRole, wait at least 15 minutes and try the request again. If you receive this same exception again, you will have to wait additional time until the role is unlocked.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: