Amazon Network Firewall
Incident Management is now generally available! Incident Management is now generally available!

Amazon Network Firewall

Crawler Crawler

Overview

AWS Network Firewall is a stateful, service that allows customers to filter traffic at the perimeter of their VPC.

Enable this integration to see all of your Amazon Network Firewall metrics in Datadog.

Setup

Installation

If you haven’t already, set up the Amazon Web Services integration first.

Metric collection

  1. In the AWS integration tile, ensure that Network Firewall is checked under metric collection.

  2. Install the Datadog - AWS Amazon Network Firewall integration.

Log collection

Enable logging

Configure Amazon Network Firewall to send logs either to a S3 bucket or to Cloudwatch.

Note: If you log to a S3 bucket, make sure that amazon_network_firewall is set as Target prefix.

Send logs to Datadog

  1. If you haven’t already, set up the Datadog log collection AWS Lambda function.

  2. Once the lambda function is installed, manually add a trigger on the S3 bucket or Cloudwatch log group that contains your Amazon Network Firewall logs in the AWS console:

Data Collected

Metrics

aws.networkfirewall.received_packets
(gauge)
The number of packets received by the firewall.
Shown as packet
aws.networkfirewall.dropped_packets
(gauge)
The number of packets dropped by a firewall rule.
Shown as packet
aws.networkfirewall.passed_packets
(gauge)
The number of packets forwarded on by the firewall.
Shown as packet

Each of the metrics retrieved from AWS will be assigned the same tags that appear in the AWS console, including but not limited to host name, security-groups, and more.

Events

The AWS Amazon Network Firewall integration does not include any events.

Service Checks

The AWS Amazon Network Firewall integration does not include any service checks.

Troubleshooting

Need help? Contact Datadog support.

Further Reading

Additional helpful documentation, links, and articles: