Merge pull request #286066 from robertspears/patch-1

Add note to specify minimum rule set for log scrubbing

Author: prmerger-automator[bot]

articles/web-application-firewall/ag/waf-sensitive-data-protection-configure.md

@@ -12,6 +12,9 @@ ms.date: 09/05/2023
 
 The Web Application Firewall's (WAF's) Log Scrubbing tool helps you remove sensitive data from your WAF logs. It works by using a rules engine that allows you to build custom rules to identify specific portions of a request that contain sensitive data. Once identified, the tool scrubs that information from your logs and replaces it with _*******_.
 
+> [!NOTE]
+> The log scrubbing feature is only supported on Web Application Firewalls running the [latest WAF engine](waf-engine.md).  Select OWASP CRS 3.2 or Default Rule Set 2.1 as the managed rule set.
+
 > [!NOTE]
 > When you enable the log scrubbing feature, Microsoft still retains IP addresses in our internal logs to support critical security features.