Azure
WAF Managed Rule Filters

Azure WAF Policy Managed Rule Filters

Not sure how to format this one. These queries are more of a starting point for my own filtering process when creating Managed Rule exclusions based on the rules triggered in the logs.

// Blocked SQLi hits from the default rule set, minus the match variables filtered out so far
AzureDiagnostics
| where ResourceProvider == "MICROSOFT.NETWORK" and Category == "FrontdoorWebApplicationFirewallLog"
| where ruleName_s contains "DefaultRuleSet-1.0-SQLI"
| where details_matches_s !contains "PostParamValue:value"
| where details_matches_s !contains "PostParamValue:__VIEWSTATE"
| where details_matches_s !contains "CookieValue:UMB-XSRF-V"
| where details_matches_s !contains "CookieValue:UMB-XSRF-TOKEN"
| where details_matches_s !contains "QueryParamValue:redir"
| where details_matches_s !contains "additionalFacilities"
| where details_matches_s !contains "iTFacilities"
| where action_s == "Block"

AzureDiagnostics
| where ResourceProvider == "MICROSOFT.NETWORK" and Category == "FrontdoorWebApplicationFirewallLog"
| where ruleName_s contains "DefaultRuleSet-1.0-SQLI-942430"
| where details_matches_s !contains "PostParamValue:__VIEWSTATE"
| where details_matches_s !contains "QueryParamValue:redir"
| where action_s == "Block"

AzureDiagnostics
| where ResourceProvider == "MICROSOFT.NETWORK" and Category == "FrontdoorWebApplicationFirewallLog"
| where ruleName_s contains "DefaultRuleSet-1.0-XSS-941320"
| where action_s == "Block"
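
An added example, not one of the original queries: instead of excluding match variables one `!contains` line at a time, this groups blocked SQLi hits by rule and match variable so the most frequent exclusion candidates rank first. It assumes `details_matches_s` holds a JSON array of objects with a `matchVariableName` field, that the `clientIP_s` and `requestUri_s` columns are present in the workspace, and uses an arbitrary 7-day window.

```kusto
// Added example: rank rule / match-variable pairs behind blocked requests.
AzureDiagnostics
| where ResourceProvider == "MICROSOFT.NETWORK" and Category == "FrontdoorWebApplicationFirewallLog"
| where TimeGenerated > ago(7d)                        // assumed review window
| where action_s == "Block"
| where ruleName_s contains "DefaultRuleSet-1.0-SQLI"
// One row per matched variable; a single request can match on several.
| mv-expand match = todynamic(details_matches_s)
| extend matchVariable = tostring(match.matchVariableName)
| summarize hits = count(),
            distinctClients = dcount(clientIP_s),      // assumed column
            sampleUri = take_any(requestUri_s)         // assumed column
    by ruleName_s, matchVariable
| order by hits desc
```

A pair with many hits spread across many distinct clients on a known application field is the kind of row worth reviewing for an exclusion; a pair driven by a handful of clients deserves a look at the raw requests first.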