diff --git a/content/waf/logging/access-logs.md b/content/waf/logging/access-logs.md
index 9292bb3817..3cbda55913 100644
--- a/content/waf/logging/access-logs.md
+++ b/content/waf/logging/access-logs.md
@@ -37,7 +37,7 @@ These are the variables added to Access Log. They are a subset of the Security l
| ---| ---| --- |
|$app_protect_support_id | Unique ID assigned to the request by F5 WAF for NGINX. | To be used to correlate the access log with the security log.
Left empty in failure mode. |
|$app_protect_outcome | One of:
- **PASSED**: request was sent to origin server.
- **REJECTED**: request was blocked.
| |
-|$app_protect_outcome_reason | One of:- **SECURITY_WAF_OK**: allowed with no violations (legal request).
- **SECURITY_WAF_VIOLATION**: blocked due to security violations.
- **SECURITY_WAF_FLAGGED**: allowed although it has violations (illegal).
- **SECURITY_WAF_BYPASS**: WAF was supposed to inspect the request but it didn't (because of unavailability or resource shortage). The request was PASSED or REJECTED according to the failure mode action determined by the user.
- **SECURITY_WAF_REQUEST_IN_FILE_BYPASS**: WAF was supposed to inspect the request but it didn't (because request buffer was full and request was written to file). The request was PASSED or REJECTED according to the failure mode action determined by the user.
- **SECURITY_WAF_COMPRESSED_REQUEST_BYPASS**: WAF was supposed to inspect the request but it didn't (because request was compressed). The request was PASSED or REJECTED according to the failure mode action determined by the user.
| |
+|$app_protect_outcome_reason | One of:- **SECURITY_WAF_OK**: allowed with no violations (legal request).
- **SECURITY_WAF_VIOLATION**: blocked due to security violations.
- **SECURITY_WAF_FLAGGED**: allowed although it has violations (illegal).
- **SECURITY_WAF_VIOLATION_TRANSPARENT**: allowed, when the policy is in transparent mode, but would be blocked if the policy is set to blocking mode.
- **SECURITY_WAF_BYPASS**: WAF was supposed to inspect the request but it didn't (because of unavailability or resource shortage). The request was PASSED or REJECTED according to the failure mode action determined by the user.
- **SECURITY_WAF_REQUEST_IN_FILE_BYPASS**: WAF was supposed to inspect the request but it didn't (because request buffer was full and request was written to file). The request was PASSED or REJECTED according to the failure mode action determined by the user.
- **SECURITY_WAF_COMPRESSED_REQUEST_BYPASS**: WAF was supposed to inspect the request but it didn't (because request was compressed). The request was PASSED or REJECTED according to the failure mode action determined by the user.
| |
|$app_protect_policy_name | The name of the policy that enforced the request. | |
|$app_protect_version | The F5 WAF for NGINX version string: major.minor.build format. | Does not include the F5 NGINX plus version (e.g. R21). The latter is available in `$version` variable. |