This image shows the architecture for compiling WAF logs and forward those logs to OCI Logging for further consumption by a third party, such as Splunk.

The image depicts an OCI region comprising a tenancy, within which is a virtual cloud network containing a subnet where resides a nonspecific application. Users access this application from the internet, through a Web Application Firewall (WAF), which writes data to a WAF log. This log is placed in OCI object storage within the availability domain. If it triggers a nonspecified event, that event invokes a function to write it to OCI logging.