WAF rules should have CloudWatch metrics enabled

이 페이지는 아직 한국어로 제공되지 않으며 번역 작업 중입니다. 번역에 관한 질문이나 의견이 있으시면 언제든지 저희에게 연락해 주십시오.

Description

This control verifies whether monitoring metrics have been enabled for a WAFv2 rule group within your cloud-based firewall service. The control will only pass if monitoring metrics are active for the rule group.

Enabling monitoring metrics for WAFv2 rule groups gives you insight into traffic patterns. It allows you to track which rules are activated and to view which requests are allowed or denied. This level of monitoring helps in detecting potentially harmful activities targeting your associated resources.

Please note that AWS WAF Classic rule groups are not evaluated by this control.

Remediation

For guidance on enabling WAFv2 rule group metrics, please refer to the Monitoring with Amazon CloudWatch section in the AWS WAF User Guide.