Add support for WAFv2 logging and sampling
Closed this issue · 1 comments
rmartin48 commented
Summary
When enabling WAFv2 for the ALB, it is important to be able to log the web ACL traffic in order to evaluate the rule groups and make improvements.
WAFv2 provides two methods of achieving this:
- Logging: stream logs to Amazon Kinesis Data Firehose, a CloudWatch log group, or an S3 bucket.
- Sampling: stores samples from the last 3 hours of requests that match the web ACL rules.
Motivation
Need to get detailed information about traffic that is analysed by the WAF web ACLs such as:
- Timestamp
- Rule groups evaluated
- Rule action
- Terminating rule
rmartin48 commented
Closing this as it is better to implement customisation of the WAF in your own Terraform config. Particularly when needing things like rule exclusions.
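The following is an added example, not part of the issue thread or the project's code: a small Python summary of WAFv2 log records that pulls out the fields listed under Motivation (timestamp, rule groups evaluated, rule action, terminating rule). The field names follow the AWS WAFv2 log format; the sample records are constructed, and `_rec` and `summarize` are hypothetical helper names.

```python
import json
from collections import Counter
from datetime import datetime, timezone

def _rec(ts, action, term_id, group, term_rule, counted):
    """Build one constructed record using AWS WAFv2 log field names."""
    return json.dumps({
        "timestamp": ts, "action": action, "terminatingRuleId": term_id,
        "ruleGroupList": [{
            "ruleGroupId": group,
            "terminatingRule": term_rule and {"ruleId": term_rule, "action": action},
            "nonTerminatingMatchingRules":
                [{"ruleId": r, "action": "COUNT"} for r in counted],
        }],
    })

# Constructed sample input (not real traffic); the last line is truncated on purpose.
SAMPLE_LINES = [
    _rec(1700000000000, "BLOCK", "AWS-AWSManagedRulesSQLiRuleSet",
         "AWS#AWSManagedRulesSQLiRuleSet", "SQLi_QUERYARGUMENTS", []),
    _rec(1700000060000, "ALLOW", "Default_Action",
         "AWS#AWSManagedRulesCommonRuleSet", None, ["SizeRestrictions_BODY"]),
    _rec(1700000120000, "ALLOW", "Default_Action",
         "AWS#AWSManagedRulesCommonRuleSet", None, ["SizeRestrictions_BODY"]),
    '{"timestamp": 17000',
]

def summarize(lines):
    """Tally terminating rules by action and rules that matched in COUNT mode."""
    terminating, counted, stamps, skipped = Counter(), Counter(), [], 0
    for line in lines:
        try:
            rec = json.loads(line)
            stamps.append(rec["timestamp"])
        except (json.JSONDecodeError, KeyError, TypeError):
            skipped += 1  # malformed or truncated record: count it, do not crash
            continue
        terminating[(rec.get("terminatingRuleId"), rec.get("action"))] += 1
        for group in rec.get("ruleGroupList") or []:
            for rule in group.get("nonTerminatingMatchingRules") or []:
                counted[(group.get("ruleGroupId"), rule.get("ruleId"))] += 1
    iso = lambda ms: datetime.fromtimestamp(ms / 1000, tz=timezone.utc).isoformat()
    window = (iso(min(stamps)), iso(max(stamps))) if stamps else None
    return {"terminating": terminating, "counted": counted,
            "window": window, "skipped": skipped}

if __name__ == "__main__":
    for key, value in summarize(SAMPLE_LINES).items():
        print(key, value)
```

Rules that appear only in the `counted` tally matched without terminating the request, which is the evidence to review before switching a rule to block or adding a rule exclusion.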