Join Log in
Score:0
JoeS avatar Server

Do AWS WAF logs capture all traffic, or just rule matches?

in flag
JoeS

I want to implement some AWS WAF rules but I need more knowledge of the quantity (origin, resource, etc) of requests that come through my loadbalancer.

Can I skip ALB logs and get logs for requests to ALB using WAF? Or, does WAF only produce logs when the request matches a rule in an WAF ACL / ruleset?

Thanks.

109
0 + 0
Tim avatar
gp flag
Tim
"You can enable logging to get detailed information about traffic that is analyzed by your web ACL" https://docs.aws.amazon.com/waf/latest/developerguide/logging.html . Based on that I think it's just per ACL. I would use ALB logs. Your question isn't clear what you're trying to achieve
0
Reply
Score:0
Tim P avatar Server
af flag
Tim P

WAF will log all requests, however you may still want the ALB logs as the WAF logs do not contain any information about the response provided by your back end systems/the ALB. So if you are looking for data about time taken, response code or response size, you still need the ALB logs.

The list of WAF log fields can be found here: https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html

ALB log fields are here: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-access-logs.html#access-log-entry-format

0 + 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.