0

I want to implement some AWS WAF rules but I need more knowledge of the quantity (origin, resource, etc) of requests that come through my loadbalancer.

Can I skip ALB logs and get logs for requests to ALB using WAF? Or, does WAF only produce logs when the request matches a rule in an WAF ACL / ruleset?

Thanks.

JoeS
  • 11
  • 2
  • "You can enable logging to get detailed information about traffic that is analyzed by your web ACL" https://docs.aws.amazon.com/waf/latest/developerguide/logging.html . Based on that I think it's just per ACL. I would use ALB logs. Your question isn't clear what you're trying to achieve – Tim Dec 07 '21 at 02:30

1 Answers1

0

WAF will log all requests, however you may still want the ALB logs as the WAF logs do not contain any information about the response provided by your back end systems/the ALB. So if you are looking for data about time taken, response code or response size, you still need the ALB logs.

The list of WAF log fields can be found here: https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html

ALB log fields are here: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-access-logs.html#access-log-entry-format

Tim P
  • 66
  • 5