WAF rules should have CloudWatch metrics enabled

waf
이 페이지는 아직 영어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Description

This control verifies whether monitoring metrics have been enabled for a WAFv2 rule group within your cloud-based firewall service. The control will only pass if monitoring metrics are active for the rule group.

Enabling monitoring metrics for WAFv2 rule groups gives you insight into traffic patterns. It allows you to track which rules are activated and to view which requests are allowed or denied. This level of monitoring helps in detecting potentially harmful activities targeting your associated resources.

Please note that AWS WAF Classic rule groups are not evaluated by this control.

Remediation

For guidance on enabling WAFv2 rule group metrics, please refer to the Monitoring with Amazon CloudWatch section in the AWS WAF User Guide.

PREVIEWING: dgreen15/github-error-fix