Once the lambda function is installed, manually add a trigger on the S3 bucket or CloudWatch log group that contains your Amazon Network Firewall logs in the AWS console:
The number of packets received by the firewall. Shown as packet
aws.networkfirewall.dropped_packets (gauge)
The number of packets dropped by a firewall rule. Shown as packet
aws.networkfirewall.passed_packets (gauge)
The number of packets forwarded on by the firewall. Shown as packet
Each of the metrics retrieved from AWS are assigned the same tags that appear in the AWS console, including but not limited to host name, security-groups, and more.
Events
The AWS Amazon Network Firewall integration does not include any events.
Service Checks
The AWS Amazon Network Firewall integration does not include any service checks.