Ensure that your Amazon WAF Web Access Control Lists (Web ACLs) are configured to capture information about all incoming requests. Amazon WAF is a web application firewall service that lets you monitor web requests that are forwarded to Amazon API Gateway APIs, Amazon CloudFront distributions, or Application Load Balancers in order to help protect them from attacks.
To get detailed information about the web traffic analyzed by your Web Access Control Lists (Web ACLs) you must enable logging. The log entries include the time that Amazon WAF received the request from your AWS resource, detailed information about the request, and the action for the rule that each request matched. You can also send these logs to an Amazon Kinesis Firehose delivery stream with a configured storage destination.
To determine if logging is enabled for Web Access Control Lists (Web ACLs), perform the following operations:
Remediation / Resolution
To enable logging for your Amazon WAF Web Access Control Lists (Web ACLs), perform the following operations:
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
Enable Logging for Web Access Control Lists
Risk level: Medium