If you are sending network firewall logs to CloudWatch Logs, you can use Amazon Athena to query the logs. Athena lets you use SQL type queries over CloudWatch logs in S3.
Here is a link to some more details on using Athena with network firewall logs: https://docs.aws.amazon.com/athena/latest/ug/querying-network-firewall-logs.html
For even more analysis, you can also use Contributor Insights or CloudWatch Insights to get metrics on common events and themes in your logs:
When I create a VPC can I attach a Network Firewall to it upon creation?
AWS Network Firewall - Strict order and suricata emerging rulesAccepted Answerasked a year ago
Network Firewall shows "aws:alert_strict action" when it set with Strict Order stateful engine option.asked 2 months ago
AWS Network Firewall Managed Signaturesasked 7 months ago
Logging Network Firewall Logs to S3 bucket. What should I use for my Service Principal?
AWS Network Firewall stateful rule groupsasked 8 months ago
Network Firewall logs unusableasked a year ago
Does Network Firewall logging tell me the policy rule that was enforced?asked 5 months ago
Network Firewall sometimes misses L7asked 9 months ago
Network Firewallasked 6 months ago