Oracle Cloud Infrastructure Documentation


Logs displays log activity and the details of each logged event within a specified time frame. Logs enable you to understand what rules and countermeasures are triggered by requests and are used as a basis to move request handling into block mode. Logs can come from Access Control, Protection Rules, or Bot events.


If you have concerns over General Data Protection Regulation (GDPR) requirements, Logs can be disabled for the WAF service. You can use My Oracle Support to file a service request to disable Logs.

Using the Console

To view Logs

  1. Open the navigation menu. Under Governance and Administration, go to Security and click WAF Policies.
  2. Click the name of the WAF Policy you want to view logs for. The WAF Policy overview appears.
  3. Click Logs. Logs for the WAF policy appear.
  4. To help find a log, you can use the following filter options:
    • To view alerting activity data for a specific time range, enter a Start Date, Start Time, End Date, or End Time.
    • To view logs for a URL, enter a Request URL.
    • To view logs for a client IP address, select an address from the Client IP Address drop-down menu.
    • To view logs for a country, select a country from the Country Name drop-down list.
    • To find a type of action, select an Action check box.
    • To find a log type, select a Log Type check box.
  5. Click the plus sign next to the Alert Type you want to view.

Using the API

For information about using the API and signing requests, see REST APIs and Security Credentials. For information about SDKs, see Software Development Kits and Command Line Interface.