AWS waf documentation change
Summary
Added new metrics (LowReputationPacketsDropped, LowReputationRequestsDenied) and dimensions related to security monitoring.
Security assessment
These metrics enhance visibility into security-related events (malicious traffic detection) but do not indicate a specific security vulnerability being addressed.
Diff
diff --git a/waf/latest/developerguide/waf-metrics.md b/waf/latest/developerguide/waf-metrics.md index f5e4c6ce8..5533c2cd2 100644 --- a//waf/latest/developerguide/waf-metrics.md +++ b//waf/latest/developerguide/waf-metrics.md @@ -57 +56,0 @@ AWS WAF core metrics Metric | Description -`RequestsWithValidChallengeToken` | The number of web requests that had challenge controls applied and that had a valid challenge token. Reporting criteria: There is a nonzero value. Valid statistics: Sum @@ -58,0 +58,3 @@ AWS WAF core metrics Metric | Description +`RequestsWithValidChallengeToken` | The number of web requests that had challenge controls applied and that had a valid challenge token. Reporting criteria: There is a nonzero value. Valid statistics: Sum +`LowReputationPacketsDropped` | The number of packets dropped from known malicious sources. Reporting criteria: There is a nonzero value. Valid statistics: Sum This metric is published to the `AWS/ApplicationELB` namespace. +`LowReputationRequestsDenied` | The number of HTTP requests denied with HTTP 403 responses. Reporting criteria: There is a nonzero value. Valid statistics: Sum This metric is published to the `AWS/ApplicationELB` namespace. @@ -71,0 +74 @@ AWS WAF core dimensions Dimension | Description +`WebACLArn` | The Amazon Resource Name (ARN) of the web ACL. This dimension is only available when AWS WAF is enabled. @@ -76,0 +80,2 @@ AWS WAF core dimensions Dimension | Description +`LoadBalancerArn` | The Amazon Resource Name (ARN) of the load balancer. +`LoadBalancerArnAvailabilityZone` | The combination of the load balancer ARN and the Availability Zone.