Forum Discussion
Nikoolayy1
MVP
Maybe check the JSON config file for AWS WAF as the Visibility config should look like the example below:
"VisibilityConfig": {
"SampledRequestsEnabled": true,
"CloudWatchMetricsEnabled": true,
"MetricName": "AWS-AWSBotControl-Example"
https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-rule-group-settings.html
will-will
Jun 20, 2022Altocumulus
config file looks good
"OverrideAction": {
"None": {}
},
"VisibilityConfig": {
"SampledRequestsEnabled": true,
"CloudWatchMetricsEnabled": true,
"MetricName": "F5-CVE_Managed"
}
From your last comment though I was able to find some logs in cloudwatch using:
filter terminatingRuleId = "F5-CVE_Managed"
Now that I can see these logs in Cloudwatch I can check and see if the exploits are getting blocked.
Thank you for your help!