Help on how to get a log sample to confirm if the waf is analyzing traffic.
Please make sure the virtual server with the waf policy also has a logging profile attached per the example below.
To see the event log, navigate to "Security > event logs > application requests. you can also generate violations using the instructions in the lab guide here: https://clouddocs.f5.com/training/community/waf/html/waf102/module4-xparent-policy/lab1/lab1.html
please let us know if you get stuck.