From 16dda537b0e42c75657275cfd582e2e82f16405a Mon Sep 17 00:00:00 2001
From: Diana <75819066+cloudjumpercat@users.noreply.github.com>
Date: Thu, 19 Dec 2024 16:13:57 -0600
Subject: [PATCH] fix: Add example Injection Protection plugin log (#8286)

* Add example log

Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: lena-larionova <54370747+lena-larionova@users.noreply.github.com>

---------

Signed-off-by: Diana <75819066+cloudjumpercat@users.noreply.github.com>
Co-authored-by: Angel <Guaris@users.noreply.github.com>
Co-authored-by: lena-larionova <54370747+lena-larionova@users.noreply.github.com>
---
 .../kong-inc/injection-protection/overview/_index.md   | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/app/_hub/kong-inc/injection-protection/overview/_index.md b/app/_hub/kong-inc/injection-protection/overview/_index.md
index 213cf062ec8..cb83870a69f 100644
--- a/app/_hub/kong-inc/injection-protection/overview/_index.md
+++ b/app/_hub/kong-inc/injection-protection/overview/_index.md
@@ -81,6 +81,16 @@ Logs are automatically collected when you enable the Injection Protection plugin
     * [UDP Log](/hub/kong-inc/udp-log/)
 * [{{site.konnect_short_name}} Advanced Analytics](/konnect/analytics/) <!--though i'm not sure if they will do anything with them yet--> 
 
+Here's a sample log entry created by the Injection Protection plugin. 
+
+```
+threat detected: 'sql', action taken: log_only, found in path_and_query, query param value: foo: insert into test
+```
+Where:
+* The plugin detected a SQL injection threat
+* It created a log entry but took no other actions
+* The threat was found in the request path or query
+* The inserted snippet is `foo: insert into test`
 
 ## Get started with the Injection Protection plugin
 * [Configuration reference](/hub/kong-inc/injection-protection/configuration/)