Monitoring and reporting in Network Firewall
Network Firewall offers multiple in-console options to analyze the network traffic monitored by a firewall. The Monitoring page provides tools for real-time monitoring and retroactive analysis, including enhanced filtering and sorting capabilities for IP addresses and protocols. Your firewall's advanced configuration settings affect which dashboards are populated with data. For information on adjusting your firewall's configuration, see Updating a firewall in AWS Network Firewall.
Network Firewall provides the following features in the Monitoring section of firewall details:
Monitoring feature | Description | Data source | Enabled by default? |
---|---|---|---|
Firewall requests | Provides a graph of the number of packets monitored by the firewall. | Stateless and stateful engine traffic. | Yes |
Firewall monitoring dashboard | Provides real-time analysis of flow and alert logs through multiple visualization options, including: | Amazon S3 and CloudWatch logs. | No. Must be enabled in your firewall's advanced settings. |
Traffic analysis mode and reports | Provides retroactive analysis and report generation. | HTTP or HTTPS traffic observed over the last 30 days, starting from when you enable Traffic analysis mode on your firewall. | No. Must be enabled in your firewall's advanced settings. |
Access Monitoring in the Network Firewall console
Follow these steps to access the monitoring and observability features for your firewall:
- Sign in to the AWS Management Console and open the Amazon VPC console at https://console.aws.amazon.com/vpc/.
- In the navigation pane, under Network Firewall, choose Firewalls.
- In the Firewalls page, choose the name of the firewall that you want to edit. This takes you to the firewall's details page.
- In the firewall's details page, choose the Monitoring tab.
Review the topics in this guide to learn about the monitoring options you can enable using the Network Firewall console.