WAF Log Scrubbing XML payloads

Alex Savage 0 Reputation points
2024-10-04T12:33:44.4+00:00

Hi, First poster here. I have a SOAP API that is behind an APP GW with WAF and then an APIM.

Some of the payloads are triggering built in WAF rules and causing logs to be recorded. I have configured the log scrubbing to target the named properties inside the XML body but cannot get it to redact them.

I noticed that XML is not supported for skipping built in rules which uses a similar syntax but is it supported in the log scrubbing feature?

Example XML tags

<userPassword>

<token>

Is log scrubbing able to find these XML tags and redact the value or is it not supported? Thanks

Azure Web Application Firewall
{count} votes

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.