Module Values.ParseWAFSource

Use this processor to parse WAF vended logs, extract fields, and and convert them into a JSON format. This processor always processes the entire log event message. For more information about this processor including examples, see parseWAF. For more information about WAF log format, see Log examples for web ACL traffic. If you use this processor, it must be the first processor in your transformer.

Sourcetype nonrec t = {
  1. source : Source.t option;
    (*

    Omit this parameter and the whole log message will be processed by this processor. No other value than @message is allowed for source.

    *)
}
Sourceval make : ?source:??? -> unit -> t
Sourceval to_value : t -> [> `Structure of (string * [> `String of Source.t ]) list ]
Sourceval to_query : t -> Awso.Client.Query.t
Sourceval of_xml : Awso.Xml.t -> t
Sourceval of_string : string -> t
Sourceval of_json : Yojson.Safe.t -> t
Sourceval to_json : t -> Yojson.Safe.t