All Products
Search
Document Center

Cloud Config:waf-instance-logging-enabled

Last Updated:Jun 16, 2026

Checks whether log collection is enabled for all domain names protected by Web Application Firewall (WAF). If log collection is enabled, the evaluation result is Compliant.

Scenarios

Enable log collection for each WAF-protected domain name so that Log Service for WAF automatically stores domain logs in the dedicated Logstore. You can then query and analyze the log data to meet audit requirements.

Risk level

Default risk level: medium.

You can change the risk level when you apply this rule.

Compliance evaluation logic

  • If log collection is enabled for all WAF-protected domain names, the evaluation result is Compliant.
  • If log collection is disabled for any WAF-protected domain name, the evaluation result is Incompliant. For more information about how to remediate an incompliant configuration, see Incompliance remediation.

Rule details

Item Description
Rule name waf-instance-logging-enabled
Rule identifier waf-instance-logging-enabled
Tag WAF and AuditBaseline
Automatic remediation Supported
Trigger type Periodic execution
Evaluation frequency Interval of 24 hours
Supported resource type Instance
Input parameter None

Incompliance remediation

Enable log collection for the WAF-protected domain name. For more information, see Get started with WAF log service.