Follow

Q&A: What is a "sensitive parameter" in the WAF policy?

 

Question

  • What is the sensitive parameter option in the WAF policy?
  • How can I make it so that parameters like Password or that contains Personal Identifiable Information (PII) DOES NOT show up in the WAF violation logs

 

Environment

  • WAF
    • WAF questionnaire
    • WAF policy

 

Answer

Questionnaire 

WAF Policy

  • An option is available to each parameter entity (wildcard/explicit)
    • Allows the option to hide/mask content within the parameter value so that the content is/are not visible in logs nor in the user interface

 

If you find that you have parameters and would like to make them not visible, please open a ticket with the SOC and report the list of parameters to mask the values on or provide Support ID(s). 

 

Related Content

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request