From ab3eebc5866c0b7c59888db2e0642655602eecdf Mon Sep 17 00:00:00 2001 From: Stephen Haynes Date: Wed, 8 Jul 2026 11:41:15 -0700 Subject: [PATCH 1/5] Update n1 waf docs and changelog to reference default log profiles and make a copy feautre --- content/nginx-one-console/changelog.md | 10 ++++++++++ .../waf-integration/policy/configure-policy.md | 1 + 2 files changed, 11 insertions(+) diff --git a/content/nginx-one-console/changelog.md b/content/nginx-one-console/changelog.md index 64a2c4077..d42ed7e55 100644 --- a/content/nginx-one-console/changelog.md +++ b/content/nginx-one-console/changelog.md @@ -10,6 +10,16 @@ nollms: true Stay up-to-date with what's new and improved in the F5 NGINX One Console. +## July 16, 2026 + +### F5 WAF for NGINX: Built-In Log Profile Support + +F5 WAF for NGINX built-in log profiles are now available as starting points while creating new log profiles. The configuration editor also now supports auto-complete for built-in log profile names, enabling easier reference to them. + +### F5 WAF for NGINX: Log Profile Copy Support + +Enabled making a copy of log profiles via the log profile list row actions so that existing log profiles can be easily extended without overwriting their existing content. + ## June 15, 2026 ### F5 WAF for NGINX: Updated policy version names diff --git a/content/nginx-one-console/waf-integration/policy/configure-policy.md b/content/nginx-one-console/waf-integration/policy/configure-policy.md index c6830349b..b031e9063 100644 --- a/content/nginx-one-console/waf-integration/policy/configure-policy.md +++ b/content/nginx-one-console/waf-integration/policy/configure-policy.md @@ -22,6 +22,7 @@ If you already know F5 WAF for NGINX, you can go beyond the options available in From NGINX One Console, select **WAF > Policies**. In the screen that appears, select **Add Policy**. That action opens a screen where you can: +- Optionally choose a F5 WAF for NGINX [default logging profile]({{< ref "/waf/logging/log-overview.md#default-logging-profile-bundles" >}}) to use as a starting point - In General Settings, name and describe the policy. - You can also set one of the following enforcement modes: - Transparent From 5f222f055fbefad06e8247a31ae1631fa26207e5 Mon Sep 17 00:00:00 2001 From: Stephen Haynes Date: Tue, 14 Jul 2026 13:04:43 -0700 Subject: [PATCH 2/5] address MR feedback --- content/nginx-one-console/changelog.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/nginx-one-console/changelog.md b/content/nginx-one-console/changelog.md index d42ed7e55..76fed308f 100644 --- a/content/nginx-one-console/changelog.md +++ b/content/nginx-one-console/changelog.md @@ -14,11 +14,11 @@ Stay up-to-date with what's new and improved in the F5 NGINX One Console. ### F5 WAF for NGINX: Built-In Log Profile Support -F5 WAF for NGINX built-in log profiles are now available as starting points while creating new log profiles. The configuration editor also now supports auto-complete for built-in log profile names, enabling easier reference to them. +You can now use F5 WAF for NGINX built-in log profiles as starting points while creating new log profiles. The configuration editor also now supports auto-complete for built-in log profile names, making them easier for you to reference within a config. ### F5 WAF for NGINX: Log Profile Copy Support -Enabled making a copy of log profiles via the log profile list row actions so that existing log profiles can be easily extended without overwriting their existing content. +You can now make a copy of log profiles via the log profile list row actions so that you can easily extend existing log profiles without overwriting their existing content. ## June 15, 2026 From 3ee28a221d090847a5c1a0e117d417802a02f3d4 Mon Sep 17 00:00:00 2001 From: Stephen Haynes Date: Tue, 14 Jul 2026 13:22:34 -0700 Subject: [PATCH 3/5] add notes to relevant docs pages --- .../log-profiles/configure-log-profiles.md | 1 + .../log-profiles/deploy-log-profile.md | 11 ++++++----- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/content/nginx-one-console/waf-integration/log-profiles/configure-log-profiles.md b/content/nginx-one-console/waf-integration/log-profiles/configure-log-profiles.md index 88c24519c..a1943cb9a 100644 --- a/content/nginx-one-console/waf-integration/log-profiles/configure-log-profiles.md +++ b/content/nginx-one-console/waf-integration/log-profiles/configure-log-profiles.md @@ -28,6 +28,7 @@ For detailed information about security logging capabilities and available log a From NGINX One Console, select **WAF** > **Log Profiles**. In the screen that appears, select **Add Log Profile**. This action opens a screen where you can: +- In **Start From**, choose a F5 WAF for NGINX [default logging profile]({{< ref "/waf/logging/log-overview.md#default-logging-profile-bundles" >}}) to use as a starting point - In **General Settings**, name and describe the log profile - Configure the filter settings to determine which requests are logged - Set the content format and options for how log messages are structured diff --git a/content/nim/waf-integration/policies-and-logs/log-profiles/deploy-log-profile.md b/content/nim/waf-integration/policies-and-logs/log-profiles/deploy-log-profile.md index 0cbd369d5..d1fc1a4b0 100644 --- a/content/nim/waf-integration/policies-and-logs/log-profiles/deploy-log-profile.md +++ b/content/nim/waf-integration/policies-and-logs/log-profiles/deploy-log-profile.md @@ -47,7 +47,6 @@ Before you begin, make sure you have: 6. In the drop-down menu that appears, select the instance or instance group to deploy to. 7. Choose how to deploy the log profile: - - **Add a new log profile path**: Specify a new file path where the log profile bundle should be deployed. - **Update all log profiles**: Sync all log profiles on the target instance or instance group. This updates all existing log profiles by compiling their latest JSON contents into bundles and deploying them to all existing file paths. @@ -63,10 +62,13 @@ You can also deploy a log profile directly when editing the NGINX configuration 1. Select the **Configuration** tab, then select **Edit Configuration**. + {{< call-out class="note" >}} + Note: you can also reference a F5 WAF for NGINX [default logging profile]({{< ref "/waf/logging/log-overview.md#default-logging-profile-bundles" >}}) by using its name, no deployment required. + {{< /call-out >}} + 1. Select **Apply security** and select which log profile to deploy. 1. Copy the code snippet with the required directives and paste it into your NGINX configuration. The snippet includes: - - `app_protect_security_log_enable on` - `app_protect_security_log` with the log profile bundle path and destination @@ -77,7 +79,7 @@ You can also deploy a log profile directly when editing the NGINX configuration app_protect_security_log /etc/nginx/log-profile-bundle.tgz syslog:server=localhost:514; ``` -8. Select **Save**, then select **Publish**. +1. Select **Save**, then select **Publish**. --- @@ -86,7 +88,6 @@ You can also deploy a log profile directly when editing the NGINX configuration After deployment, verify that the log profile is active on the target instances or instance groups. 1. Confirm that the NGINX configuration includes the required directives: - - `app_protect_security_log_enable on` - `app_protect_security_log` with the correct log profile bundle path and destination @@ -106,4 +107,4 @@ For more information, see: - [Review log profiles]({{< ref "/nim/waf-integration/policies-and-logs/log-profiles/review-log-profile.md" >}}) - [Compile a security log profile]({{< ref "/nim/waf-integration/policies-and-logs/log-profiles/compile-log-profile.md" >}}) - [Security log directives]({{< ref "/waf/logging/security-logs.md#directives-in-nginxconf" >}}) -- [Security Logs]({{< ref "/waf/logging/security-logs.md" >}}) \ No newline at end of file +- [Security Logs]({{< ref "/waf/logging/security-logs.md" >}}) From 3740b637182a6230d918a9dfd213f865584a3a15 Mon Sep 17 00:00:00 2001 From: Stephen Haynes Date: Tue, 14 Jul 2026 15:27:51 -0700 Subject: [PATCH 4/5] add updated api spec --- static/nginx-one-console/api/one.json | 70 +++++++++++++++++---------- 1 file changed, 45 insertions(+), 25 deletions(-) diff --git a/static/nginx-one-console/api/one.json b/static/nginx-one-console/api/one.json index 5fb30e163..b99ed1b2d 100644 --- a/static/nginx-one-console/api/one.json +++ b/static/nginx-one-console/api/one.json @@ -4416,7 +4416,7 @@ "WAF Log Profiles" ], "summary": "List WAF log profiles", - "description": "Returns a list of WAF log profiles.", + "description": "Returns a list of WAF log profiles.\n\nBuilt-in log profiles are excluded by default. To include them, filter by `source` with value `built_in`. Built-in profiles are pre-installed in the WAF engine and do not need to be compiled or deployed.\n", "operationId": "listWafLogProfiles", "parameters": [ { @@ -10309,7 +10309,7 @@ } }, "example": { - "public_certs": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUUzb3lkdWVPQU5KSGh2TDN5dkpkVHBob2V2NUdPN2dvK0J5WU9PL2w1NHU1TzJQeE1lWCtBakFiNkF4bXEKbGl2SXVodz0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQ==" + "public_certs": "UkVEQUNURUQ=" } }, "CertificateRequest": { @@ -10332,7 +10332,7 @@ "example": { "name": "example-ca-bundle", "content": { - "public_certs": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUUzb3lkdWVPQU5KSGh2TDN5dkpkVHBob2V2NUdPN2dvK0J5WU9PL2w1NHU1TzJQeE1lWCtBakFiNkF4bXEKbGl2SXVodz0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQ==", + "public_certs": "UkVEQUNURUQ=", "private_key": "" } } @@ -10616,7 +10616,7 @@ } }, "example": { - "private_key": "LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFM295ZHVlT0FOSkhodkwzeXZKZFRwaG9ldjVHTzdnbytCeVlPTy9sNTR1NU8yUHhNZVgrQWpBYjZBeG1xCmxpdkl1aHc9Ci0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0t" + "private_key": "UkVEQUNURUQ=" } }, "CertificateUpdateRequest": { @@ -10636,7 +10636,7 @@ "example": { "name": "example-cert-object", "content": { - "public_certs": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUUzb3lkdWVPQU5KSGh2TDN5dkpkVHBob2V2NUdPN2dvK0J5WU9PL2w1NHU1TzJQeE1lWCtBakFiNkF4bXEKbGl2SXVodz0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQ==" + "public_certs": "UkVEQUNURUQ=" } } }, @@ -13637,6 +13637,18 @@ "path": "gitlab.com/f5/nginx/one/saas/control-plane/pkg/collections/objects" } }, + "TemplateSubmissionObjectID": { + "description": "A globally unique identifier for a template submission.", + "type": "string", + "format": "object_id", + "pattern": "^tmplsm_.*", + "x-go-type": "objects.ID", + "x-go-type-import": { + "name": "objects", + "path": "gitlab.com/f5/nginx/one/saas/control-plane/pkg/collections/objects" + }, + "example": "tmplsm_frBobKIAQ_21grAwV83VYz" + }, "StagedConfigCertificateSummary": { "type": "object", "description": "Provides a summary of the current status of certificates used in NGINX configurations. It includes the total number of certificates, as well as the counts of expired certificates, those nearing expiration, valid certificates, certificates that are not found, and those that are not ready for use.", @@ -13702,6 +13714,10 @@ "format": "date-time", "description": "The date and time when the NGINX configuration object was last modified for the instance." }, + "template_submission_id": { + "description": "A globally unique identifier for the template submission associated with this staged config, if applicable.", + "$ref": "#/components/schemas/TemplateSubmissionObjectID" + }, "cert_summary": { "$ref": "#/components/schemas/StagedConfigCertificateSummary" } @@ -15590,6 +15606,7 @@ "name": "test-log-profiles", "object_id": "lp_XYxnZgVYQFKire4M1KcVVQ", "is_f5_default": false, + "source": "user_defined", "config": "eyJsb2dfc3RyZWFtIjogIntmb3JtYXQgY29tYmluZWQgZXg=", "deployments": [ { @@ -15635,6 +15652,7 @@ "name": "test-log-profiles", "object_id": "lp_XYxnZgVYQFKire4M1KcVVQ", "is_f5_default": false, + "source": "user_defined", "deployments": [ { "nap_release": "5.10.0", @@ -15656,6 +15674,7 @@ "object_id", "hash", "is_f5_default", + "source", "modified_at", "created_at" ], @@ -15672,7 +15691,18 @@ "description": "The hash value of the NGINX App Protect log profile configs." }, "is_f5_default": { - "$ref": "#/components/schemas/IsF5Default" + "type": "boolean", + "deprecated": true, + "description": "Indicates whether this is an F5 default object (true) or a user-defined object (false).\nDeprecated: Use the `source` field instead. This field will be removed after December 2026.\n" + }, + "source": { + "type": "string", + "description": "Classifies the origin of the log profile.\n- `user_defined` — created by a user; can be compiled, deployed, modified, and deleted.\n- `f5_default` — provided by F5; can be compiled and deployed but not modified or deleted.\n- `built_in` — pre-installed in the WAF engine; can be referenced directly in NGINX configuration by name. Cannot be compiled, deployed, modified, or deleted. Excluded from list results unless explicitly filtered with `source=built_in`.\n", + "enum": [ + "user_defined", + "f5_default", + "built_in" + ] }, "description": { "description": "Optional field to describe the NGINX App Protect log profile.", @@ -16305,22 +16335,20 @@ }, "FilterNameNapLogProfile": { "type": "string", - "description": "Keywords for NGINX App Protect log profile filters.\n", + "description": "Keywords for NGINX App Protect log profile filters.\nWhen filtering on `source`, the following `filter_values` are supported: `user_defined`, `f5_default`, `built_in`.\nBuilt-in log profiles are excluded from all results unless `source=built_in` is explicitly specified.\n", "enum": [ "name", "object_id", - "deployment_status" + "deployment_status", + "source" ], "x-enum-varnames": [ "filter_name_nap_log_profile_name", "filter_name_nap_log_profile_object_id", - "filter_name_nap_log_profile_deployment_status" + "filter_name_nap_log_profile_deployment_status", + "filter_name_nap_log_profile_source" ] }, - "IsF5Default": { - "type": "boolean", - "description": "Indicates whether this is an F5 default object (true) or a user-defined object (false)." - }, "FilterNameNapLogProfileDeployment": { "type": "string", "description": "Keywords for NGINX App Protect log profile deployment filters.\nWhen filtering on `type`, only the following `filter_values` are supported:\n * instance\n * config_sync_group\nWhen filtering on `status`, only the following `filter_values` are supported:\n * deployed\n * deploying\n * failed\n", @@ -17413,18 +17441,6 @@ "error": "\"upstream\" directive is not allowed here in /etc/nginx/nginx.conf:1" } }, - "TemplateSubmissionObjectID": { - "description": "A globally unique identifier for a template submission.", - "type": "string", - "format": "object_id", - "pattern": "^tmplsm_.*", - "x-go-type": "objects.ID", - "x-go-type-import": { - "name": "objects", - "path": "gitlab.com/f5/nginx/one/saas/control-plane/pkg/collections/objects" - }, - "example": "tmplsm_frBobKIAQ_21grAwV83VYz" - }, "TemplateSubmissionListResponse": { "description": "List of template submissions.", "allOf": [ @@ -17705,6 +17721,10 @@ "filter_name_templates_is_f5_default" ] }, + "IsF5Default": { + "type": "boolean", + "description": "Indicates whether this is an F5 default object (true) or a user-defined object (false)." + }, "FilterNameSubmissions": { "type": "string", "description": "Keywords for config template submissions filters.\n", From 546a7475ac1a29c7993feb6e36e15bdaacf76a60 Mon Sep 17 00:00:00 2001 From: shaynesf5 <143122659+shaynesf5@users.noreply.github.com> Date: Wed, 15 Jul 2026 11:46:15 -0700 Subject: [PATCH 5/5] Apply suggestions from code review Co-authored-by: Travis Martin <33876974+travisamartin@users.noreply.github.com> --- content/nginx-one-console/changelog.md | 4 ++-- .../waf-integration/log-profiles/configure-log-profiles.md | 2 +- .../waf-integration/policy/configure-policy.md | 2 +- .../policies-and-logs/log-profiles/deploy-log-profile.md | 2 +- static/nginx-one-console/api/one.json | 4 ++-- 5 files changed, 7 insertions(+), 7 deletions(-) diff --git a/content/nginx-one-console/changelog.md b/content/nginx-one-console/changelog.md index 76fed308f..9004e17be 100644 --- a/content/nginx-one-console/changelog.md +++ b/content/nginx-one-console/changelog.md @@ -14,11 +14,11 @@ Stay up-to-date with what's new and improved in the F5 NGINX One Console. ### F5 WAF for NGINX: Built-In Log Profile Support -You can now use F5 WAF for NGINX built-in log profiles as starting points while creating new log profiles. The configuration editor also now supports auto-complete for built-in log profile names, making them easier for you to reference within a config. +You can now use built-in F5 WAF for NGINX log profiles as starting points when you create new log profiles. The configuration editor now supports autocomplete for built-in log profile names, making it easier to reference them in a configuration. ### F5 WAF for NGINX: Log Profile Copy Support -You can now make a copy of log profiles via the log profile list row actions so that you can easily extend existing log profiles without overwriting their existing content. +You can now copy log profiles from the log profile list. Use row actions to create a copy and extend an existing log profile without overwriting its content. ## June 15, 2026 diff --git a/content/nginx-one-console/waf-integration/log-profiles/configure-log-profiles.md b/content/nginx-one-console/waf-integration/log-profiles/configure-log-profiles.md index a1943cb9a..146ffa25b 100644 --- a/content/nginx-one-console/waf-integration/log-profiles/configure-log-profiles.md +++ b/content/nginx-one-console/waf-integration/log-profiles/configure-log-profiles.md @@ -28,7 +28,7 @@ For detailed information about security logging capabilities and available log a From NGINX One Console, select **WAF** > **Log Profiles**. In the screen that appears, select **Add Log Profile**. This action opens a screen where you can: -- In **Start From**, choose a F5 WAF for NGINX [default logging profile]({{< ref "/waf/logging/log-overview.md#default-logging-profile-bundles" >}}) to use as a starting point +- In **Start From**, select an F5 WAF for NGINX [default logging profile]({{< ref "/waf/logging/log-overview.md#default-logging-profile-bundles" >}}) as a starting point. - In **General Settings**, name and describe the log profile - Configure the filter settings to determine which requests are logged - Set the content format and options for how log messages are structured diff --git a/content/nginx-one-console/waf-integration/policy/configure-policy.md b/content/nginx-one-console/waf-integration/policy/configure-policy.md index b031e9063..d80859b68 100644 --- a/content/nginx-one-console/waf-integration/policy/configure-policy.md +++ b/content/nginx-one-console/waf-integration/policy/configure-policy.md @@ -22,7 +22,7 @@ If you already know F5 WAF for NGINX, you can go beyond the options available in From NGINX One Console, select **WAF > Policies**. In the screen that appears, select **Add Policy**. That action opens a screen where you can: -- Optionally choose a F5 WAF for NGINX [default logging profile]({{< ref "/waf/logging/log-overview.md#default-logging-profile-bundles" >}}) to use as a starting point +- Optionally, select an F5 WAF for NGINX [default logging profile]({{< ref "/waf/logging/log-overview.md#default-logging-profile-bundles>}} as a starting point. - In General Settings, name and describe the policy. - You can also set one of the following enforcement modes: - Transparent diff --git a/content/nim/waf-integration/policies-and-logs/log-profiles/deploy-log-profile.md b/content/nim/waf-integration/policies-and-logs/log-profiles/deploy-log-profile.md index d1fc1a4b0..4c0b5f212 100644 --- a/content/nim/waf-integration/policies-and-logs/log-profiles/deploy-log-profile.md +++ b/content/nim/waf-integration/policies-and-logs/log-profiles/deploy-log-profile.md @@ -63,7 +63,7 @@ You can also deploy a log profile directly when editing the NGINX configuration 1. Select the **Configuration** tab, then select **Edit Configuration**. {{< call-out class="note" >}} - Note: you can also reference a F5 WAF for NGINX [default logging profile]({{< ref "/waf/logging/log-overview.md#default-logging-profile-bundles" >}}) by using its name, no deployment required. + You can also reference an F5 WAF for NGINX [default logging profile]({{< ref "/waf/logging/log-overview.md#default-logging-profile-bundles" >}}) by name. You don't need to deploy it first. {{< /call-out >}} 1. Select **Apply security** and select which log profile to deploy. diff --git a/static/nginx-one-console/api/one.json b/static/nginx-one-console/api/one.json index b99ed1b2d..493c086c2 100644 --- a/static/nginx-one-console/api/one.json +++ b/static/nginx-one-console/api/one.json @@ -15697,7 +15697,7 @@ }, "source": { "type": "string", - "description": "Classifies the origin of the log profile.\n- `user_defined` — created by a user; can be compiled, deployed, modified, and deleted.\n- `f5_default` — provided by F5; can be compiled and deployed but not modified or deleted.\n- `built_in` — pre-installed in the WAF engine; can be referenced directly in NGINX configuration by name. Cannot be compiled, deployed, modified, or deleted. Excluded from list results unless explicitly filtered with `source=built_in`.\n", + "description": "Classifies the source of the log profile.\n- `user_defined` — Created by a user. You can compile, deploy, modify, or delete these profiles.\n- `f5_default` — Provided by F5. You can compile and deploy these profiles, but you can't modify or delete them.\n- `built_in` — Included in the WAF engine. You can reference these profiles by name in the NGINX configuration. You can't compile, deploy, modify, or delete them. These profiles are excluded from list results unless you filter for `source=built_in`.\n", "enum": [ "user_defined", "f5_default", @@ -17723,7 +17723,7 @@ }, "IsF5Default": { "type": "boolean", - "description": "Indicates whether this is an F5 default object (true) or a user-defined object (false)." + "description": "Indicates whether the object is an F5 default object (`true`) or a user-defined object (`false`)." }, "FilterNameSubmissions": { "type": "string",