Amazon WAF String that Matched
Amazon WAF has extended support of the ‘ruleMatchDetails’ and ‘terminatingRuleMatchDetails’ fields in the logs to include Regex rules. Customers use logs to further investigate the requests that are inspected by Amazon WAF. The ‘ruleMatchDetails’ log field gives visibility into the part of a request that matched a rule or rule group.
Amazon WAF is a web application firewall that enables you to monitor the HTTP(S) requests that are made to your protected web application resources. By reviewing the ‘ruleMatchDetails’ log fields, customers can further investigate requests and tune their WAF rules accordingly, such as using ‘terminatingRuleMatchDetails’ or to determine whether a request was correctly blocked. Amazon WAF previously only supported logging ‘ruleMatchDetails’ for SQLi and XSS rules.
There is no additional cost for using this feature, but standard service charges for Amazon WAF still apply. See the Amazon WAF Pricing page for more details. For more information about rule match details for Regex rules, visit the Developer Guide. This feature is available in all the Amazon Web Services regions, including the Amazon Web Services China (Beijing) Region, operated by Sinnet and the Amazon Web Services China (Ningxia) Region, operated by NWCD and for each supported service, including Amazon CloudFront, Amazon Application Load Balancer, Amazon API Gateway, Amazon AppSync, and Amazon Cognito. For more information about the service, visit the Amazon WAF page.