NGINX WAF
7 TopicsPush NGINX Plus and App Protect metrics/logs to Cloudwatch
Hi, I have NGINX Plus with App Protect instances scaling in/out via AWS Autoscaling group. These instances are also connected to an NGINX Controller (after running controller agent script). I want to collect and push NGINX Controller Agent Metrics to AW Cloudwatch but I don't find any documentation for that. Please suggest a way to push these metrics to AWS Cloudwatch. Specifically I am looking to collect system metrics like system.disk.free or system.mem.available etc and push it to Cloudwatch logs. Ultimately I need to create an alarm in cloudwatch that will send an alert based on disk and mem usage of any NGINX Plus instances of the Autoscaling group. Are there any nginx plus directives that allow me to push these as a log entry to cloud watch? My nginx log format is like this: log_format key_value 'site="$server_name" server="$host" dest_port="$server_port" dest_ip="$server_addr" ' 'src="$remote_addr" src_ip="$realip_remote_addr" user="$remote_user" ' 'time_local="$time_local" protocol="$server_protocol" status="$status" ' 'bytes_out="$bytes_sent" bytes_in="$upstream_bytes_received" ' 'http_referer="$http_referer" http_user_agent="$http_user_agent" ' 'nginx_version="$nginx_version" http_x_forwarded_for="$http_x_forwarded_for" ' 'http_x_header="$http_x_header" uri_query="$query_string" uri_path="$uri" ' 'http_method="$request_method" response_time="$upstream_response_time" ' 'cookie="$http_cookie" request_time="$request_time" category="$sent_http_content_type" https="$https" ' 'CORRELATION_IDENTIFIER="$http_correlationid" ssl_client_fingerprint="$ssl_client_fingerprint" ssl_client_dn="$ssl_client_s_dn"'; log_format security_waf '$remote_addr [$time_local] "$request" ' '$status waf_policy=$app_protect_policy_name, waf_request_id=$app_protect_support_id ' 'waf_action=$app_protect_outcome, waf_action_reason=$app_protect_outcome_reason'; access_log /var/log/nginx/access.log key_value; #WAF access logs access_log /var/log/app_protect/waf-access.log security_waf;904Views0likes4Commentsvirtual server with two service or more
i have one web server behind the big-ip which applied on it variety services , I need to access web application from outside as below : when write HTTP://abc.com forward traffic to normal web service, and when write HTTP://abc.com:2003 forward traffic to cpanel on web server. i have one node and one pool and one Virtual server enabled HTTP on it . how to configure this case . thanks846Views2likes7CommentsDoes F5 ASM/WAF use Content Nature Detection Engines?
I know that this could be an internal information but does the F5 ASM/WAF use Content Nature Detection Engines that know a specific language for example javascript or PHP and how it should function, so an attack to be detected if there is something outside of norm for this language and only when a new version of that language comes out, then the engine will need an update from the cloud?372Views0likes0CommentsExport EAP config into NAP config
Hello, I would like to know if it is possible to export an Essential App Protect configuration and import it into a local NGINX App Protect instance in our dev/test environment? Is there a way to use the EAP API to pull a JSON version of currently configured policy out of EAP? Thanks, -Mike411Views0likes1Comment