:doc:`WAFRegional <../../waf-regional>` / Client / put_logging_configuration

*************************
put_logging_configuration
*************************



.. py:method:: WAFRegional.Client.put_logging_configuration(**kwargs)

  

  .. note::

    

    This is **AWS WAF Classic** documentation. For more information, see `AWS WAF Classic <https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html>`__ in the developer guide.

     

    **For the latest version of AWS WAF**, use the AWS WAFV2 API and see the `AWS WAF Developer Guide <https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html>`__. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

    

   

  Associates a  LoggingConfiguration with a specified web ACL.

   

  You can access information about all traffic that AWS WAF inspects using the following steps:

   

   
  * Create an Amazon Kinesis Data Firehose. Create the data firehose with a PUT source and in the region that you are operating. However, if you are capturing logs for Amazon CloudFront, always create the firehose in US East (N. Virginia). 

  .. note::

    Do not create the data firehose using a ``Kinesis stream`` as your source.

  
   
  * Associate that firehose to your web ACL using a ``PutLoggingConfiguration`` request.
   

   

  When you successfully enable logging using a ``PutLoggingConfiguration`` request, AWS WAF will create a service linked role with the necessary permissions to write logs to the Amazon Kinesis Data Firehose. For more information, see `Logging Web ACL Traffic Information <https://docs.aws.amazon.com/waf/latest/developerguide/logging.html>`__ in the *AWS WAF Developer Guide*.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/waf-regional-2016-11-28/PutLoggingConfiguration>`_  


  **Request Syntax**
  ::

    response = client.put_logging_configuration(
        LoggingConfiguration={
            'ResourceArn': 'string',
            'LogDestinationConfigs': [
                'string',
            ],
            'RedactedFields': [
                {
                    'Type': 'URI'|'QUERY_STRING'|'HEADER'|'METHOD'|'BODY'|'SINGLE_QUERY_ARG'|'ALL_QUERY_ARGS',
                    'Data': 'string'
                },
            ]
        }
    )
    
  :type LoggingConfiguration: dict
  :param LoggingConfiguration: **[REQUIRED]** 

    The Amazon Kinesis Data Firehose that contains the inspected traffic information, the redacted fields details, and the Amazon Resource Name (ARN) of the web ACL to monitor.

     

    .. note::

      

      When specifying ``Type`` in ``RedactedFields``, you must use one of the following values: ``URI``, ``QUERY_STRING``, ``HEADER``, or ``METHOD``.

      

    

  
    - **ResourceArn** *(string) --* **[REQUIRED]** 

      The Amazon Resource Name (ARN) of the web ACL that you want to associate with ``LogDestinationConfigs``.

      

    
    - **LogDestinationConfigs** *(list) --* **[REQUIRED]** 

      An array of Amazon Kinesis Data Firehose ARNs.

      

    
      - *(string) --* 

      
  
    - **RedactedFields** *(list) --* 

      The parts of the request that you want redacted from the logs. For example, if you redact the cookie field, the cookie field in the firehose will be ``xxx``.

      

    
      - *(dict) --* 

        .. note::

          

          This is **AWS WAF Classic** documentation. For more information, see `AWS WAF Classic <https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html>`__ in the developer guide.

           

          **For the latest version of AWS WAF**, use the AWS WAFV2 API and see the `AWS WAF Developer Guide <https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html>`__. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

          

         

        Specifies where in a web request to look for ``TargetString``.

        

      
        - **Type** *(string) --* **[REQUIRED]** 

          The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:

           

          
          * ``HEADER``: A specified request header, for example, the value of the ``User-Agent`` or ``Referer`` header. If you choose ``HEADER`` for the type, specify the name of the header in ``Data``.
           
          * ``METHOD``: The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: ``DELETE``, ``GET``, ``HEAD``, ``OPTIONS``, ``PATCH``, ``POST``, and ``PUT``.
           
          * ``QUERY_STRING``: A query string, which is the part of a URL that appears after a ``?`` character, if any.
           
          * ``URI``: The part of a web request that identifies a resource, for example, ``/images/daily-ad.jpg``.
           
          * ``BODY``: The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first ``8192`` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set. For more information, see  CreateSizeConstraintSet.
           
          * ``SINGLE_QUERY_ARG``: The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion*. The maximum length for ``SINGLE_QUERY_ARG`` is 30 characters.
           
          * ``ALL_QUERY_ARGS``: Similar to ``SINGLE_QUERY_ARG``, but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in ``TargetString``.
          

          

        
        - **Data** *(string) --* 

          When the value of ``Type`` is ``HEADER``, enter the name of the header that you want AWS WAF to search, for example, ``User-Agent`` or ``Referer``. The name of the header is not case sensitive.

           

          When the value of ``Type`` is ``SINGLE_QUERY_ARG``, enter the name of the parameter that you want AWS WAF to search, for example, ``UserName`` or ``SalesRegion``. The parameter name is not case sensitive.

           

          If the value of ``Type`` is any other value, omit ``Data``.

          

        
      
  
  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'LoggingConfiguration': {
              'ResourceArn': 'string',
              'LogDestinationConfigs': [
                  'string',
              ],
              'RedactedFields': [
                  {
                      'Type': 'URI'|'QUERY_STRING'|'HEADER'|'METHOD'|'BODY'|'SINGLE_QUERY_ARG'|'ALL_QUERY_ARGS',
                      'Data': 'string'
                  },
              ]
          }
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **LoggingConfiguration** *(dict) --* 

        The  LoggingConfiguration that you submitted in the request.

        
        

        - **ResourceArn** *(string) --* 

          The Amazon Resource Name (ARN) of the web ACL that you want to associate with ``LogDestinationConfigs``.

          
        

        - **LogDestinationConfigs** *(list) --* 

          An array of Amazon Kinesis Data Firehose ARNs.

          
          

          - *(string) --* 
      
        

        - **RedactedFields** *(list) --* 

          The parts of the request that you want redacted from the logs. For example, if you redact the cookie field, the cookie field in the firehose will be ``xxx``.

          
          

          - *(dict) --* 

            .. note::

              

              This is **AWS WAF Classic** documentation. For more information, see `AWS WAF Classic <https://docs.aws.amazon.com/waf/latest/developerguide/classic-waf-chapter.html>`__ in the developer guide.

               

              **For the latest version of AWS WAF**, use the AWS WAFV2 API and see the `AWS WAF Developer Guide <https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html>`__. With the latest version, AWS WAF has a single set of endpoints for regional and global use.

              

             

            Specifies where in a web request to look for ``TargetString``.

            
            

            - **Type** *(string) --* 

              The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:

               

              
              * ``HEADER``: A specified request header, for example, the value of the ``User-Agent`` or ``Referer`` header. If you choose ``HEADER`` for the type, specify the name of the header in ``Data``.
               
              * ``METHOD``: The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: ``DELETE``, ``GET``, ``HEAD``, ``OPTIONS``, ``PATCH``, ``POST``, and ``PUT``.
               
              * ``QUERY_STRING``: A query string, which is the part of a URL that appears after a ``?`` character, if any.
               
              * ``URI``: The part of a web request that identifies a resource, for example, ``/images/daily-ad.jpg``.
               
              * ``BODY``: The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first ``8192`` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set. For more information, see  CreateSizeConstraintSet.
               
              * ``SINGLE_QUERY_ARG``: The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion*. The maximum length for ``SINGLE_QUERY_ARG`` is 30 characters.
               
              * ``ALL_QUERY_ARGS``: Similar to ``SINGLE_QUERY_ARG``, but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in ``TargetString``.
              

              
            

            - **Data** *(string) --* 

              When the value of ``Type`` is ``HEADER``, enter the name of the header that you want AWS WAF to search, for example, ``User-Agent`` or ``Referer``. The name of the header is not case sensitive.

               

              When the value of ``Type`` is ``SINGLE_QUERY_ARG``, enter the name of the parameter that you want AWS WAF to search, for example, ``UserName`` or ``SalesRegion``. The parameter name is not case sensitive.

               

              If the value of ``Type`` is any other value, omit ``Data``.

              
        
      
    
  
  **Exceptions**
  
  *   :py:class:`WAFRegional.Client.exceptions.WAFInternalErrorException`

  
  *   :py:class:`WAFRegional.Client.exceptions.WAFNonexistentItemException`

  
  *   :py:class:`WAFRegional.Client.exceptions.WAFStaleDataException`

  
  *   :py:class:`WAFRegional.Client.exceptions.WAFServiceLinkedRoleErrorException`

  