Amazon CloudWatch
User Guide

AWS WAF Metrics and Dimensions

AWS WAF sends data to CloudWatch every minute. For more information, see Testing Web ACLs in the AWS WAF Developer Guide.

AWS WAF Metrics

The WAF namespace includes the following metrics.

Metric Description

AllowedRequests

The number of allowed web requests.

Reporting criteria: There is a nonzero value

Valid statistics: Sum

BlockedRequests

The number of blocked web requests.

Reporting criteria: There is a nonzero value

Valid statistics: Sum

CountedRequests

The number of counted web requests.

Reporting criteria: There is a nonzero value

A counted web request is one that matches all of the conditions in a particular rule. Counted web requests are typically used for testing.

Valid statistics: Sum

PassedRequests

The number of passed requests for a rule group.

Reporting criteria: There is a nonzero value

Passed requests are requests that did not match any rule contained in the rule group.

Valid statistics: Sum

AWS WAF Dimensions

AWS WAF for CloudFront can use the following dimension combinations:

  • Rule, WebACL

  • RuleGroup, WebACL

  • Rule, RuleGroup

AWS WAF for Application Load Balancer can use the following dimension combinations:

  • Region, Rule, WebACL

  • Region, RuleGroup, WebACL

  • Region, Rule, RuleGroup

Dimension Description

Rule

One of the following:

  • The metric name of the Rule.

  • ALL, which represents all rules within a WebACL or RuleGroup.

  • Default_Action (only when combined with the WebACL dimension), which represents the action assigned to any request that does not match any rule with either an allow or block action.

RuleGroup

The metric name of the RuleGroup.

WebACL

The metric name of the WebACL.

Region

The region of the application load balancer.