Answer-first summary for fast verification
Answer: Enable HTTP(S) Load Balancing logging with sampling rate equal to 1, and view the logs in Cloud Logging.
To identify the specific Google Cloud Armor WAF rule that is incorrectly blocking traffic, the most effective method is to enable HTTP(S) Load Balancing logging with a sampling rate set to 1. This ensures that all requests are logged, allowing you to review the logs in Cloud Logging for detailed information about each request, including which requests were blocked by Cloud Armor and the specific rule that caused the block. This approach directly addresses the need to pinpoint the problematic WAF rule. Other options, such as enabling VPC Flow Logs or firewall logs, do not provide the necessary application-layer details about WAF rule actions. Similarly, audit logs track administrative actions rather than request-level blocking details.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
To identify which Google Cloud Armor WAF rule is incorrectly blocking traffic to your application, what steps should you take?
A
Enable firewall logs, and view the logs in Firewall Insights.
B
Enable HTTP(S) Load Balancing logging with sampling rate equal to 1, and view the logs in Cloud Logging.
C
Enable VPC Flow Logs, and view the logs in Cloud Logging.
D
Enable Google Cloud Armor audit logs, and view the logs on the Activity page in the Google Cloud Console.
No comments yet.