Understanding OWASP WAF Logs
Information
Summary: |
When reviewing the Kemp WAF logs there is no "action" indicated in the logs. Do the WAF logs show if there is an action to drop traffic or if the traffic successfully reaches the server? |
Environment: |
Product: LoadMaster Version: Any Platform: Any Application: HTTP(S) Based |
Question/Problem Description: |
How to understand which WAF logs depict that a connection has been blocked? |
Steps to Reproduce: | |
Error Message: | |
Defect Number: | |
Enhancement Number: | |
Cause: | |
Resolution: |
There are three audit modes that determine what information is logged: If a connection does not reach the full Anomaly Scoring Threshold but triggers a rule, the connection will be logged at the "Warning" level.
|
Workaround: | |
Notes: |
T.Mike Curry
Where are the WAF log files? How do I view them?