Release Notes and Announcements
- Release Notes
- Security Announcement
- Announcements
Product Introduction
- Overview
- Strengths
- Use Cases
- Comparison Between EdgeOne and CDN Products
- Use Limits
Purchase Guide
- Description of Trial Plan Experience Benefits
- Free Plan Guide
- Billing Overview
- Billing Items
- Subscriptions
- Renewals
- Instructions for overdue and refunds
- Comparison of EdgeOne Plans
- About "clean traffic" billing instructions
- DDoS Protection Capacity Description
Getting Started
- Choose business scenario
- Quick access to website security acceleration
- Deploying Websites Quickly via Makers
- Access Your First Site via the EdgeOne Skill Dialog
Domain Service&Origin Configuration
- Domain Service
- HTTPS Certificate
- Origin Configuration
Site Acceleration
- Overview
- Access Control
- Smart Acceleration
- Cache Configuration
- File Optimization
- Network Optimization
- URL Rewrite
- Modifying Header
- Modify the response content
- Rule Engine
- Image&Video Processing
- Speed limit for single connection download
DDoS & Web Protection
- Overview
- DDoS Protection
- Web Protection
- Bot Management
- API Discovery（Beta）
Edge Functions
- Overview
- Getting Started
- Operation Guide
- Runtime APIs
- Sample Functions
- Best Practices
KV Storage
- Overview
- Operation Guide
Edge inference
- Edge Inference Overview
- Quick Guide
Makers
L4 Proxy
- Overview
- Creating an L4 Proxy Instance
- Modifying an L4 Proxy Instance
- Disabling or Deleting an L4 Proxy Instance
- Batch Configuring Forwarding Rules
- Obtaining Real Client IPs
Data Analysis&Log Service
- Log Service
- Data Analysis
- Alarm Service
Site and Billing Management
- Billing Management
- Site Management
- Version Management
- General Policy
General Reference
- Configuration Syntax
- Request and Response Actions
- Country/region and Corresponding Codes
Terraform
- Overview
- Installing and Configuring Terraform
Practical Tutorial
- Automatic Warm-up/Cache Purge
- Resource Abuse/hotlinking Protection Practical
- HTTPS Related Practices
- Acceleration Optimization
- Origin Server Configuration
- Scheduling Traffic
- Data Analysis and Alerting
- Log Platform Integration Practices
- CORS Response Configuration
AI Resources and Terraform
- AI Resources
API Documentation
- History
- Introduction
- API Category
- Making API Requests
- Site APIs
- Accelerated Domain Name Management APIs
- Site Acceleration Configuration APIs
- Edge Function APIs
- Alias Domain APIs
- Security Configuration APIs
- Layer 4 Application Proxy APIs
- Content Management APIs
- Data Analysis APIs
- Log Service APIs
- Billing APIs
- Certificate APIs
- Origin Protection APIs
- Load Balancing APIs
- Diagnostic Tool APIs
- Custom Response Page APIs
- Version Management APIs
- API Security APIs
- DNS Record APIs
- Content Identifier APIs
- Legacy APIs
- Ownership APIs
- Image and Video Processing APIs
- Multi-Channel Security Gateway APIs
- KV Storage APIs
- Data Types
- Error Codes
FAQs
- Product Features FAQs
- DNS Record FAQs
- Domain Configuration FAQs
- Site Acceleration FAQs
- Data and Log FAQs
- Security Protection-related Queries
- Origin Configuration FAQs
Troubleshooting
- Reference for Abnormal Status Codes
- Troubleshooting Guide for EdgeOne 4XX/5XX Status Codes
- 520/524 Status Code Troubleshooting Guide
- 521/522 Status Code Troubleshooting Guide
- Tool Guide
Agreements
- Service Level Agreement
- Origin Protection Enablement Conditions of Use
TEO Policy
- Privacy Policy
- Data Processing And Security Agreement
Contact Us
Glossary

Managed Rule Logs

Download

Focus Mode

Font Size

Last updated: 2026-06-01 15:27:07

The following is a detailed description of the fields in the managed rule logs.
Field Description
Request Fields
Field Name
Data Type
Description
RequestHost
String
Host of the client request.
RequestID
String
Unique ID of the client request.
RequestTime
Timestamp ISO8601
The time when the EdgeOne node receives the client request. Time zone: UTC+0. Example: 2024-10-14T05:13:43Z
RequestMethod
String
HTTP method of the client request. Valid values:
GET
POST
HEAD
PUT
DELETE
CONNECT
OPTIONS
TRACE
PATCH
RequestUA
String
User-Agent information of the client request.
RequestURI
String
URI information of the client request.
RequestLog
String
Header log of the client request, including the request line and complete HTTP request headers.
RequestBody
String
Request body that hits a managed rule. The first 10 KB is captured.
Client Fields
Field Name
Data Type
Description
ClientIP
String
IP address of the client connected to the EdgeOne node.
ClientCountry
String
Country/region resolved from the client IP address. Format: ISO 3166-1 alpha-2.
Security Fields
Field Name
Data Type
Description
SecurityRuleID
String
ID of the security rule that applies the final action to the request, corresponding to SecurityAction.
SecurityModule
String
Name of the security module that applies the final action to the request. This field corresponds to SecurityAction. Valid value:
ManagedRule: Web Security - Managed Rule
SecurityAction
String
Final action applied after the request hits a security rule. Valid values:
monitor: Observe
drop: Block
SecurityMatchingField
String
Matching field of the managed rule that applies the final action to the request. It indicates the specific content in the request that is detected by the rule. Example:rocess').execSync('echo VULN_1767842690_9463',{'timeout':30000}).
SecurityMatchingPosition
String
Matching position of the managed rule that applies the final action to the request. It indicates where the detected content comes from in the request. Example: Full request path.
Reference
Log Example
The following is an example of a single managed rule log under the default configuration.
  {
    "ClientCountry": "SG",
    "ClientIP": "0.0.0.0",
    "RequestBody": "a=||whoami||",
    "RequestHost": "www.example.com",
    "RequestID": "13719873400522703510",
    "RequestLog": "POST / HTTP/1.1\\nhost: www.example.com\\nuser-agent: curl/8.7.1\\naccept: */*\\ncontent-type: application/x-www-form-urlencoded\\neo-inner-original-url-scheme: http\\neo-inner-original-header-host: www.example.com\\neo-inner-original-url-host: www.example.com\\neo-inner-original-url-port: 80\\neo-inner-client-port: 56268\\neo-inner-client-ip: 0.0.0.0\\neo-inner-client-net-protocol: TCP\\neo-inner-client-http-version: HTTP/1.1\\neo-connecting-ip: 0.0.0.0\\ncdn-loop: TencentEdgeOne; loops=1\\neo-inner-mid-protect: t=1778487220&s=35864a5c12d9ac68b0fb929c4e76c79e\\ncontent-length: 12",
    "RequestMethod": "POST",
    "RequestTime": 1778487220,
    "RequestUA": "curl/8.7.1",
    "RequestURI": "/",
    "SecurityAction": "drop",
    "SecurityMatchingField": "||whoami||",
    "SecurityMatchingPosition": "body",
    "SecurityModule": "ManageRule",
    "SecurityRuleID": "4401214653"
  }
﻿

Help and Support

Was this page helpful?

You can also Contact sales or Submit a Ticket for help.

Help us improve! Rate your documentation experience in 5 mins.

Feedback

tencent cloud

Tencent Cloud EdgeOne

Managed Rule Logs

Field Description

Request Fields

Client Fields

Security Fields

Reference

Log Example

Help and Support

Field Name	Data Type	Description
RequestHost	String	Host of the client request.
RequestID	String	Unique ID of the client request.
RequestTime	Timestamp ISO8601	The time when the EdgeOne node receives the client request. Time zone: UTC+0. Example: `2024-10-14T05:13:43Z`
RequestMethod	String	HTTP method of the client request. Valid values: `GET` `POST` `HEAD` `PUT` `DELETE` `CONNECT` `OPTIONS` `TRACE` `PATCH`
RequestUA	String	User-Agent information of the client request.
RequestURI	String	URI information of the client request.
RequestLog	String	Header log of the client request, including the request line and complete HTTP request headers.
RequestBody	String	Request body that hits a managed rule. The first 10 KB is captured.