My WAF worked properly. Just my miss was, i checked WAF log on Cloudwatch (all request has been logged) I was able to check blocked / allowed logs with log's specific info