aws waf Is there a way to set up alerts on WAF rules when BLOCKS from certain rule crosses a minimum threshold? Please advise then we shall discuss implementation.

0

Is there a way to set up alerts on WAF rules when BLOCKS from certain rule crosses a minimum threshold?

Please advise then we shall discuss implementation.

asked 2 years ago1174 views
2 Answers
0

Yes, WAF sends BlockedRequest metrics to CloudWatch. From CloudWatch you can then define alarms and actions to take when thresholds have been breached. See: Monitoring with Amazon CloudWatch.

profile pictureAWS
EXPERT
kentrad
answered 2 years ago
0

The metric ** BlockedRequests** will be sent to CloudWatch for all the rules (Metric name = rule name) that are set to BLOCK and collectively for the whole Web ACL (Metric name = name of the Web ACL). Once a block action is performed, you can go to CloudWatch metrics console and navigate to the following: All ==> WAFV2 ==> Region, Rule, WebACL There you will be able to see the Metrics for the Web ACL and the rules. You can then create Alarms for the individual *** BlockedRequest*** metric for when a threshold is breached

AWS
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions