Hi Team ,
Post WAF implementation we have faced issues with our application so configured WAF exclusions on the basis of path and signature but we would like to know amount of traffic hitting those exclusion so that we can mitigate and shut open gates for attacks .
Please help to add this filter/feature .
I would like to have the relevant violation or attack signature information for the WAF exclusions included in the logs.
Example:
Detection
sec_event_type
waf_sec_event
action allow
Signature ID 1234567890
name ABCDEF
attack_type ATTACK_TYPE_PREDICTABLE_RESOURCE_LOCATION
accuracy medium_accuracy
context url
matching_info Matched XXXXX
state Disabled