Hello @MF,
I got a response back from the team. Currently, enabling the "Only Log" action on certain managed rules is not supported by Azure Application Gateway WAF. This feature is currently planned to be released by end of CY22.
If it helps, you can follow the methodology discussed here to determine which rule blocked your request.
If you can, put the WAF in detection mode with monitoring enabled. If any request is blocked by managed rules, you can go through the Firewall Log and determine the rule which is blocking this issue. You can identify this via the OWASP GitHub repo, where
details.file represents the file and
details.line will represent the rule section which was triggered.
Hope this helps! Please let me know if you have any additional questions.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
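The firewall-log review described in the answer above can be scripted; this is an added example, not part of the original answer or any Microsoft tooling. It assumes the log was exported as one JSON record per line with the `properties.ruleId`, `properties.action`, `properties.transactionId` and `properties.details.file` / `details.line` fields, and every sample record is constructed.

```python
import json
from collections import defaultdict

# Constructed sample export: one JSON record per line (values are illustrative only).
SAMPLE_LOG = """\
{"category": "ApplicationGatewayFirewallLog", "properties": {"transactionId": "tx-001", "requestUri": "/search?q=1", "ruleId": "942130", "action": "Matched", "details": {"file": "rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf", "line": "554"}}}
{"category": "ApplicationGatewayFirewallLog", "properties": {"transactionId": "tx-001", "requestUri": "/search?q=1", "ruleId": "949110", "action": "Blocked", "details": {"file": "rules/REQUEST-949-BLOCKING-EVALUATION.conf", "line": "57"}}}
{"category": "ApplicationGatewayAccessLog", "properties": {"requestUri": "/healthz"}}
this line is truncated and not valid JSON
{"category": "ApplicationGatewayFirewallLog", "properties": {"transactionId": "tx-002", "requestUri": "/login", "ruleId": "920300", "action": "Detected", "details": {"file": "rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf", "line": "1247"}}}
"""

def rules_by_transaction(log_text, actions=("Blocked", "Detected", "Matched")):
    """Group firewall-log rule hits by transaction.

    Returns {transactionId: [(ruleId, details.file, details.line, action), ...]}
    so each request shows every rule that fired, with the file and line to
    look up in the OWASP rule set repository.
    """
    hits = defaultdict(list)
    for raw in log_text.splitlines():
        try:
            record = json.loads(raw)
        except json.JSONDecodeError:
            continue  # skip blank or truncated lines
        if not isinstance(record, dict):
            continue
        if record.get("category") != "ApplicationGatewayFirewallLog":
            continue  # access and performance logs carry no rule details
        props = record.get("properties") or {}
        if props.get("action") not in actions:
            continue
        details = props.get("details") or {}
        hits[props.get("transactionId", "unknown")].append(
            (props.get("ruleId"), details.get("file"),
             str(details.get("line", "?")), props.get("action")))
    return dict(hits)

if __name__ == "__main__":
    for tx, rules in rules_by_transaction(SAMPLE_LOG).items():
        print(tx)
        for rule_id, rule_file, line, action in rules:
            print(f"  {action:<8} rule {rule_id}  {rule_file}:{line}")
```

Grouping by transaction keeps a blocking-evaluation entry next to the specific rule matches logged for the same request, so the rule to review or exclude is visible in one place.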