With an AWAF Logging Profile for the purpose of sending Request log messages to a Splunk Server, how can I log all headers except a cookie?
Go to Solution.
you could mask the cookie value in the logs. The process is described in K52154401.
It should look similar to this:
View solution in original post
Thank you Daniel. Although my intention is not to log the Cookie due to its length, not due to its private content. It is consuming most of the log message.
Would masking it reduce its length too?
Nothing that comes to my mind instantaneously. Maybe a filter on the log server rather than on the BIG-IP?
Not sure if we need to log headers, would you think this can be enabled upon trouble-shooting. There are multiple cookies and their size is massive.