com.amazonaws.services.wafv2.model

Class LoggingConfiguration

java.lang.Object

com.amazonaws.services.wafv2.model.LoggingConfiguration

All Implemented Interfaces:

StructuredPojo, Serializable, Cloneable

@Generated(value="com.amazonaws:aws-java-sdk-code-generator")
public class LoggingConfiguration
extends Object
implements Serializable, Cloneable, StructuredPojo

Defines an association between logging destinations and a web ACL resource, for logging from WAF. As part of the association, you can specify parts of the standard logging fields to keep out of the logs and you can specify filters so that you log only a subset of the logging records.

You can define one logging destination per web ACL.

You can access information about the traffic that WAF inspects using the following steps:

1. Create your logging destination. You can use an Amazon CloudWatch Logs log group, an Amazon Simple Storage Service (Amazon S3) bucket, or an Amazon Kinesis Data Firehose. For information about configuring logging destinations and the permissions that are required for each, see Logging web ACL traffic information in the WAF Developer Guide.

2. Associate your logging destination to your web ACL using a PutLoggingConfiguration request.

When you successfully enable logging using a PutLoggingConfiguration request, WAF creates an additional role or policy that is required to write logs to the logging destination. For an Amazon CloudWatch Logs log group, WAF creates a resource policy on the log group. For an Amazon S3 bucket, WAF creates a bucket policy. For an Amazon Kinesis Data Firehose, WAF creates a service-linked role.

For additional information about web ACL logging, see Logging web ACL traffic information in the WAF Developer Guide.

See Also:

AWS API Documentation, Serialized Form

Constructor Summary

Constructors

Constructor and Description
LoggingConfiguration()

Method Summary

Modifier and Type	Method and Description
LoggingConfiguration	clone()
boolean	equals(Object obj)
List<String>	getLogDestinationConfigs() The logging destination configuration that you want to associate with the web ACL.
LoggingFilter	getLoggingFilter() Filtering that specifies which web requests are kept in the logs and which are dropped.
Boolean	getManagedByFirewallManager() Indicates whether the logging configuration was created by Firewall Manager, as part of an WAF policy configuration.
List<FieldToMatch>	getRedactedFields() The parts of the request that you want to keep out of the logs.
String	getResourceArn() The Amazon Resource Name (ARN) of the web ACL that you want to associate with LogDestinationConfigs.
int	hashCode()
Boolean	isManagedByFirewallManager() Indicates whether the logging configuration was created by Firewall Manager, as part of an WAF policy configuration.
void	marshall(ProtocolMarshaller protocolMarshaller) Marshalls this structured data using the given ProtocolMarshaller.
void	setLogDestinationConfigs(Collection<String> logDestinationConfigs) The logging destination configuration that you want to associate with the web ACL.
void	setLoggingFilter(LoggingFilter loggingFilter) Filtering that specifies which web requests are kept in the logs and which are dropped.
void	setManagedByFirewallManager(Boolean managedByFirewallManager) Indicates whether the logging configuration was created by Firewall Manager, as part of an WAF policy configuration.
void	setRedactedFields(Collection<FieldToMatch> redactedFields) The parts of the request that you want to keep out of the logs.
void	setResourceArn(String resourceArn) The Amazon Resource Name (ARN) of the web ACL that you want to associate with LogDestinationConfigs.
String	toString() Returns a string representation of this object.
LoggingConfiguration	withLogDestinationConfigs(Collection<String> logDestinationConfigs) The logging destination configuration that you want to associate with the web ACL.
LoggingConfiguration	withLogDestinationConfigs(String... logDestinationConfigs) The logging destination configuration that you want to associate with the web ACL.
LoggingConfiguration	withLoggingFilter(LoggingFilter loggingFilter) Filtering that specifies which web requests are kept in the logs and which are dropped.
LoggingConfiguration	withManagedByFirewallManager(Boolean managedByFirewallManager) Indicates whether the logging configuration was created by Firewall Manager, as part of an WAF policy configuration.
LoggingConfiguration	withRedactedFields(Collection<FieldToMatch> redactedFields) The parts of the request that you want to keep out of the logs.
LoggingConfiguration	withRedactedFields(FieldToMatch... redactedFields) The parts of the request that you want to keep out of the logs.
LoggingConfiguration	withResourceArn(String resourceArn) The Amazon Resource Name (ARN) of the web ACL that you want to associate with LogDestinationConfigs.

Methods inherited from class java.lang.Object

getClass, notify, notifyAll, wait, wait, wait

Constructor Detail

LoggingConfiguration

public LoggingConfiguration()

Method Detail

setResourceArn

public void setResourceArn(String resourceArn)

The Amazon Resource Name (ARN) of the web ACL that you want to associate with LogDestinationConfigs.

Parameters:

resourceArn - The Amazon Resource Name (ARN) of the web ACL that you want to associate with LogDestinationConfigs.

getResourceArn

public String getResourceArn()

The Amazon Resource Name (ARN) of the web ACL that you want to associate with LogDestinationConfigs.

Returns:

The Amazon Resource Name (ARN) of the web ACL that you want to associate with LogDestinationConfigs.

withResourceArn

public LoggingConfiguration withResourceArn(String resourceArn)

The Amazon Resource Name (ARN) of the web ACL that you want to associate with LogDestinationConfigs.

Parameters:

resourceArn - The Amazon Resource Name (ARN) of the web ACL that you want to associate with LogDestinationConfigs.

Returns:

Returns a reference to this object so that method calls can be chained together.

getLogDestinationConfigs

public List<String> getLogDestinationConfigs()

The logging destination configuration that you want to associate with the web ACL.

You can associate one logging destination to a web ACL.

Returns:

The logging destination configuration that you want to associate with the web ACL.

You can associate one logging destination to a web ACL.

setLogDestinationConfigs

public void setLogDestinationConfigs(Collection<String> logDestinationConfigs)

The logging destination configuration that you want to associate with the web ACL.

You can associate one logging destination to a web ACL.

Parameters:

logDestinationConfigs - The logging destination configuration that you want to associate with the web ACL.

You can associate one logging destination to a web ACL.

withLogDestinationConfigs

public LoggingConfiguration withLogDestinationConfigs(String... logDestinationConfigs)

The logging destination configuration that you want to associate with the web ACL.

You can associate one logging destination to a web ACL.

NOTE: This method appends the values to the existing list (if any). Use setLogDestinationConfigs(java.util.Collection) or withLogDestinationConfigs(java.util.Collection) if you want to override the existing values.

Parameters:

logDestinationConfigs - The logging destination configuration that you want to associate with the web ACL.

You can associate one logging destination to a web ACL.

Returns:

Returns a reference to this object so that method calls can be chained together.

withLogDestinationConfigs

public LoggingConfiguration withLogDestinationConfigs(Collection<String> logDestinationConfigs)

The logging destination configuration that you want to associate with the web ACL.

You can associate one logging destination to a web ACL.

Parameters:

logDestinationConfigs - The logging destination configuration that you want to associate with the web ACL.

You can associate one logging destination to a web ACL.

Returns:

Returns a reference to this object so that method calls can be chained together.

getRedactedFields

public List<FieldToMatch> getRedactedFields()

The parts of the request that you want to keep out of the logs. For example, if you redact the SingleHeader field, the HEADER field in the logs will be xxx.

You can specify only the following fields for redaction: UriPath, QueryString, SingleHeader, Method, and JsonBody.

Returns:

The parts of the request that you want to keep out of the logs. For example, if you redact the SingleHeader field, the HEADER field in the logs will be xxx.

You can specify only the following fields for redaction: UriPath, QueryString, SingleHeader, Method, and JsonBody.

setRedactedFields

public void setRedactedFields(Collection<FieldToMatch> redactedFields)

The parts of the request that you want to keep out of the logs. For example, if you redact the SingleHeader field, the HEADER field in the logs will be xxx.

You can specify only the following fields for redaction: UriPath, QueryString, SingleHeader, Method, and JsonBody.

Parameters:

redactedFields - The parts of the request that you want to keep out of the logs. For example, if you redact the SingleHeader field, the HEADER field in the logs will be xxx.

You can specify only the following fields for redaction: UriPath, QueryString, SingleHeader, Method, and JsonBody.

withRedactedFields

public LoggingConfiguration withRedactedFields(FieldToMatch... redactedFields)

The parts of the request that you want to keep out of the logs. For example, if you redact the SingleHeader field, the HEADER field in the logs will be xxx.

You can specify only the following fields for redaction: UriPath, QueryString, SingleHeader, Method, and JsonBody.

NOTE: This method appends the values to the existing list (if any). Use setRedactedFields(java.util.Collection) or withRedactedFields(java.util.Collection) if you want to override the existing values.

Parameters:

redactedFields - The parts of the request that you want to keep out of the logs. For example, if you redact the SingleHeader field, the HEADER field in the logs will be xxx.

You can specify only the following fields for redaction: UriPath, QueryString, SingleHeader, Method, and JsonBody.

Returns:

Returns a reference to this object so that method calls can be chained together.

withRedactedFields

public LoggingConfiguration withRedactedFields(Collection<FieldToMatch> redactedFields)

The parts of the request that you want to keep out of the logs. For example, if you redact the SingleHeader field, the HEADER field in the logs will be xxx.

You can specify only the following fields for redaction: UriPath, QueryString, SingleHeader, Method, and JsonBody.

Parameters:

redactedFields - The parts of the request that you want to keep out of the logs. For example, if you redact the SingleHeader field, the HEADER field in the logs will be xxx.

You can specify only the following fields for redaction: UriPath, QueryString, SingleHeader, Method, and JsonBody.

Returns:

Returns a reference to this object so that method calls can be chained together.

setManagedByFirewallManager

public void setManagedByFirewallManager(Boolean managedByFirewallManager)

Indicates whether the logging configuration was created by Firewall Manager, as part of an WAF policy configuration. If true, only Firewall Manager can modify or delete the configuration.

Parameters:

managedByFirewallManager - Indicates whether the logging configuration was created by Firewall Manager, as part of an WAF policy configuration. If true, only Firewall Manager can modify or delete the configuration.

getManagedByFirewallManager

public Boolean getManagedByFirewallManager()

Indicates whether the logging configuration was created by Firewall Manager, as part of an WAF policy configuration. If true, only Firewall Manager can modify or delete the configuration.

Returns:

Indicates whether the logging configuration was created by Firewall Manager, as part of an WAF policy configuration. If true, only Firewall Manager can modify or delete the configuration.

withManagedByFirewallManager

public LoggingConfiguration withManagedByFirewallManager(Boolean managedByFirewallManager)

Indicates whether the logging configuration was created by Firewall Manager, as part of an WAF policy configuration. If true, only Firewall Manager can modify or delete the configuration.

Parameters:

managedByFirewallManager - Indicates whether the logging configuration was created by Firewall Manager, as part of an WAF policy configuration. If true, only Firewall Manager can modify or delete the configuration.

Returns:

Returns a reference to this object so that method calls can be chained together.

isManagedByFirewallManager

public Boolean isManagedByFirewallManager()

Indicates whether the logging configuration was created by Firewall Manager, as part of an WAF policy configuration. If true, only Firewall Manager can modify or delete the configuration.

Returns:

Indicates whether the logging configuration was created by Firewall Manager, as part of an WAF policy configuration. If true, only Firewall Manager can modify or delete the configuration.

setLoggingFilter

public void setLoggingFilter(LoggingFilter loggingFilter)

Filtering that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation.

Parameters:

loggingFilter - Filtering that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation.

getLoggingFilter

public LoggingFilter getLoggingFilter()

Filtering that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation.

Returns:

Filtering that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation.

withLoggingFilter

public LoggingConfiguration withLoggingFilter(LoggingFilter loggingFilter)

Filtering that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation.

Parameters:

loggingFilter - Filtering that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation.

Returns:

Returns a reference to this object so that method calls can be chained together.

toString

public String toString()

Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be redacted from this string using a placeholder value.

Overrides:

toString in class Object

Returns:

A string representation of this object.

See Also:

Object.toString()

equals

public boolean equals(Object obj)

Overrides:

equals in class Object

hashCode

public int hashCode()

Overrides:

hashCode in class Object

clone

public LoggingConfiguration clone()

Overrides:

clone in class Object

marshall

public void marshall(ProtocolMarshaller protocolMarshaller)

Description copied from interface: StructuredPojo

Marshalls this structured data using the given ProtocolMarshaller.

Specified by:

marshall in interface StructuredPojo

Parameters:

protocolMarshaller - Implementation of ProtocolMarshaller used to marshall this object's data.