1 of 20
2 of 20
3 of 20
4 of 20
5 of 20
6 of 20
7 of 20
8 of 20
9 of 20
10 of 20
11 of 20
12 of 20
13 of 20
14 of 20
15 of 20
16 of 20
17 of 20
18 of 20
19 of 20
20 of 20

site

doc

blog

success stories

Fields

Edit on GitHub

Azion provides a wide range of variables related to access to its contents and applications. You can feed your big data and stream processing platforms, selecting templates created and maintained by Azion, which have a collection of variables available; or customize your own Data Set in the Data Streaming product.

Variable Source of data Description
$blocked WAF Informs whether the WAF blocked the action or not; 0 when not blocked and 1 when blocked. When in “Learning Mode”, it will not be blocked, regardless of the return.
$bytes_sent Edge Applications Bytes sent to the user, including header and body.
$client Edge Applications, WAF Unique Azion customer identifier.
$configuration Edge Applications, WAF Unique Azion configuration identifier.
$country Edge Applications, WAF Country name of the remote client, for example “Russian Federation”, “United States”. Geolocation detection of IP address.
$headers WAF Request headers analyzed by WAF.
$host Edge Applications, WAF Host information sent on the request line; or Host field of the HTTP header.
$http_referrer Edge Applications Information on the last page the user was on, before making the request.
$http_user_agent Edge Applications The identification of the application that made the request, for example: Mozilla/5.0 (Windows NT 10.0; Win64; x64).
$remote_addr Edge Applications, WAF IP address of the request.
$remote_port Edge Applications Remote port of the request.
$request_length Edge Applications Request size, including request line, headers and body.
$request_method Edge Applications Request method; usually “GET” or “POST”.
$request_time Edge Applications Request processing time with resolution in milliseconds.
$request_uri Edge Applications URI of the request made by the user, without the Host and Protocol information.
$requestPath Edge Applications, WAF The request URI without Query String, Host and Protocol information.
$requestQuery Edge Applications, WAF Only the URI parameters of the request.
$scheme Edge Applications Request scheme “http” or “https.
$sent_http_content_type Edge Applications “Content-Type” header sent in the origin’s response.
$sent_http_x_original_image_size Edge Applications “X-Original-Image-Size” header sent in the origin’s response (used by IMS to inform original image size).
$server_protocol Edge Applications, WAF The protocol of the connection established, usually “HTTP/1.1” or “HTTP/2.0”.
$ssl_cipher Edge Applications Cipher string used to establish SSL connection.
$ssl_protocol Edge Applications The protocol for an established SSL connection, for example “TLS v1.2”.
$state Edge Applications Name of the remote client’s state, e.g. “RS”, “SP”. Geolocation detection of IP address.
$status Edge Applications The status code of the request, for example: 200.
$tcpinfo_rtt Edge Applications The RTT time in microseconds measured by Edge for the user.
$time Edge Applications, WAF Timestamp of the start of the request.
$upstream_bytes_received Edge Applications Number of bytes received by the origin’s Edge, if the content is not cached.
$upstream_cache_status Edge Applications Status of the Edge cache. It can assume the values “MISS”, “BYPASS”, “EXPIRED”, “STALE”, “UPDATING”, “REVALIDATED” or “HIT”.
$upstream_connect_time Edge Applications Time in milliseconds for Edge to establish a connection with the origin (“0” in case of KeepAlive and “-“ in case of cache).
$upstream_header_time Edge Applications Time in milliseconds for Edge to receive the origin’s response headers ( “-“ in case of cache).
$upstream_response_time Edge Applications Time in milliseconds for Edge to receive all of the response from the origin, including headers and body (“-“ in case of cache).
$upstream_status Edge Applications HTTP Status Code of the origin (“-“ in case of cache).
$version Edge Applications, WAF The version of Azion Log used.
$waf_args WAF The request arguments.
$waf_attack_action Edge Applications, WAF Reports WAF’s action regarding the action ($BLOCK, $PASS, $LEARNING_BLOCK, $LEARNING_PASS).
$waf_attack_family Edge Applications, WAF Informs the classification of the WAF infraction detected in the request (SQL, XSS, TRAVERSAL, among others)
$waf_learning WAF Informs if WAF is in learning mode, usually 0 or 1.
$waf_match WAF List of infractions found in the request, it is formed by key-value elements; the key refers to the type of violation detected; the value shows the string that generated the infraction.
$waf_score WAF Reports the score that will be increased in the event of a match.
$waf_server WAF Hostname used in the request.
$waf_uri WAF URI used in the request.

Didn’t find what you were looking for? Open a support ticket.