You can enable logging to get detailed information about he traffic that is analyzed by the Web Application Firewall (WAF). Information that is contained in the logs includes the time that LoadMaster WAF received the request from your LoadMaster resource, detailed information about the request, and the action for the rule that each request matched.

To enable the WAF debug traces, click Enable Logging at System Configuration > Logging Options > System Log Files > Debug Options.

CAUTION: Be aware that enabling this option will generate logs that may include Personally Identifiable Information as defined under the General Data Protection Agreement (EU GDPR). You should follow your organization’s best practice to protect this information, which may include anonymizing, deleting, or encrypting the data within the logs.
Note: This generates a lot of log traffic. It also slows down WAF processing. Only enable this option when requested to do so by Progress Kemp Technical Support. We do not recommend enabling this option in a production environment.

The WAF debug logs are never closed and they are rotated if they get too large. WAF (in general) needs to be disabled and re-enabled (by clearing and re-selecting the Enabled check box) in all WAF-enabled Virtual Service settings to re-enable the debug logs. Alternatively, perform an update (in the Web Application Firewall > Access Settings screen), with daily updates that are relevant for the Virtual Service(s).