Wider attack surface coverage powered by hundreds of integrations and deeper threat visibility powered by thousands of detections.
Version: AWS LogForwarder v1.0.10 or later.
AWS Web Application Firewall (WAF) facilitates monitoring web requests forwarded to the Amazon CloudFront distributions or other resources like the Elastic Load Balancer or the API Gateway. It allows or blocks requests based on specific conditions, such as the IP addresses in the form of allowlists or blocklists, regular expressions, and more.
Netsurion's Open XDR platform monitors events from AWS WAF by parsing the AWS CloudTrail logs triggered from the Amazon EventBridge. Netsurion's Open XDR platform dashboards and reports track the overall actions performed related to the AWS WAF service to keep you informed about its activities. It triggers alerts whenever an action critical to the service is carried out.
For a new instance, integrate the AWS instance to Netsurion's Open XDR platform using the Netsurion integrator lambda function, which will in turn deliver logs to Netsurion from AWS. For an already-integrated AWS instance, make sure to update to AWS LogForwarder v1.0.1 or later.
Some of the Data Source Integrations available in Netsurion are listed below.
The configuration details are consistent with Netsurion version 9.3 or later, and AWS LogForwarder v1.0.10 or later.
Download Integration Guide and How-to Guide for more information and to configuration instructions.