Barracuda WAF-as-a-Service generates two types of logs:
- Access Logs contain a record of each HTTP/HTTPS request processed by Barracuda WAF-as-a-Service.
- Firewall Logs contain a record of each policy violation found by Barracuda WAF-as-a-Service, along with the associated action performed by Barracuda WAF-as-a-Service.
Note that in some circumstances, a single HTTP/HTTPS request might generate more than one Firewall Log entry. For example, if Block Attacks is turned off, multiple violations might be detected in the same request and logged, but because none of them cause the request to be blocked, Barracuda WAF-as-a-Service continues processing and finds more violations.
You can interact with these logs in multiple ways:
- View on the Logs page. See Access and Firewall Logs.
- Export as a CSV file, on-demand from the Logs page. See Access and Firewall Logs.
- Retrieve via the Barracuda WAF-as-a-Service API.
- Export in real time via the Syslog protocol, using the Log Export component.
Barracuda WAF-as-a-Service retains logs for 45 days, and then deletes them automatically. If you require longer retention, be sure to download or retrieve your logs using one of the above methods before they are automatically deleted.
If you have specific data residency requirements, be sure to select deployment locations that meet those requirements, as described in Understanding Deployment Locations. Your traffic will only be processed in the locations you select.