Azure Web Application Firewall
An Azure service that provides protection for web apps.
323 questions
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hi, First poster here. I have a SOAP API that is behind an APP GW with WAF and then an APIM.
Some of the payloads are triggering built in WAF rules and causing logs to be recorded. I have configured the log scrubbing to target the named properties inside the XML body but cannot get it to redact them.
I noticed that XML is not supported for skipping built in rules which uses a similar syntax but is it supported in the log scrubbing feature?
Example XML tags
<userPassword>
<token>
Is log scrubbing able to find these XML tags and redact the value or is it not supported? Thanks