1 Answer
- Newest
- Most votes
- Most comments
1
If you are sending network firewall logs to CloudWatch Logs, you can use Amazon Athena to query the logs. Athena lets you use SQL type queries over CloudWatch logs in S3.
Here is a link to some more details on using Athena with network firewall logs: https://docs.aws.amazon.com/athena/latest/ug/querying-network-firewall-logs.html
For even more analysis, you can also use Contributor Insights or CloudWatch Insights to get metrics on common events and themes in your logs:
https://aws.amazon.com/blogs/mt/use-contributor-insights-to-analyze-aws-network-firewall/ https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AnalyzingLogData.html
Relevant content
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
Creating custom dashboards and metrics is really a madness! Especially at enterprise level, coming from advanced tools like Checkpoint firewall or Imperva WAF, this is like goiing back to stone age!