Introduction
- Introduction
- Key Features
- Monitoring Capabilities
- Release Notes
- Deprecation and Obsolescence
System Requirements
- Hardware and Software Requirements
- Windows Vs Linux Versions
Installation and Setup
- Installation and Setup
- Installation Guide
- Licensing Applications Manager
- Using Update Manager
- Compare Editions
- Verifying Build Integrity
- Configuring MS SQL DB Backend
Best Practices
- Security Best Practices
- Common Best Practices
Getting Started
- Getting Started
- Prerequisites for Applications Manager
- Understanding Applications Manager
- Working with Applications Manager
Working with Monitor Groups
- Monitor Groups
- Creating Monitor Groups
- Associating Monitors to Monitor Groups
- Editing and Deleting a Monitor Group
- Deleting Monitors from Monitor Groups
- New Web Application Group
- Design Business Service
- VMware Virtual Infrastructure Groups
Performance Metrics
- Performance Metrics
- Create a New Monitor
- Viewing Performance Metrics
Monitor Types
- Monitor Types
- Application Servers
- Cloud Apps
- Converged Infrastructure
- Custom Monitors
- Database Servers
- ERP
- Mail Servers
- Middleware / Portal
- Servers
- Services
- Virtualization
- Web Server/Services
Digital Experience Monitoring (DEM)
- Overview
- DEM Features
APM (APM Insight)
- Overview
- Working
- Supported Platforms
- Data Exporter
- APM Metrics
- Configuration
  - Agent Configuration Options
  - Custom Instrumentation using Web Client
- Additional features
- APM Insight-RUM Integration
User Experience (EUM)
- End User Monitoring (EUM)
- Installing the EUM Agent
- Upgrade EUM Agent with Update Manager
- EUM Dashboard
- Release Notes
Real User Monitor (RUM)
- RUM Overview
- Working of RUM
- Upgrade RUM Agent with Update Manager
- Setting up RUM
- RUM Dashboard
- Monitoring User Sessions
- Monitoring ISP data
- Script Injection
- Counter Attributes
- Custom APIs
- User Privacy
- Licensing
- Release Notes
Alarms
- What is an Alarm?
- Alarm Details
- Global Alarm Configuration
- Threshold Profiles
- Anomaly Detection
- Actions
- Associating Threshold and Action with Attributes
- Bulk Alarm Configuration
- Configuring Dependencies, Alarm Rules
- Consecutive Polls
- Alarm Escalation
Settings
- Settings
- Discovery & Data Collection
- Alarm/Action
- Product Settings
- Integration with Portals
- Tools
- DB Scanner Tool
- Data Backup
- Bulk Config
- Production Environment
ADDM
- What is ADDM?
- Using ADDM
- Dependency Maps
- Auto Discovery
Reports
- Reports
- Grouping of Reports
- 7 / 30 Reports
- Advanced Reports
- Alarm Summary Reports
- Capacity Planning Reports
- Custom Query Reports
- Forecast Reports
- Inventory Reports
- SLA Management
  - SLA Management
  - Creating an SLA
- Report Configuration
Integrating ME/Third-party Applications
- ITSM Integrations
- Other Integrations
- Plugin for OpManager
Rest API
- What are REST APIs?
- V1 APIs
- V3 APIs
  - Introduction to V3 APIs
  - Alarms
    - List Alarms
Web Client
- Web Client
- Web Client Details
- Icon Representation
- Dashboards and Widgets
- NOC Views
- Custom Fields
- Mobile Web/iPhone App
- Bulk Import of Monitors
Enterprise Edition
- Overview
- Admin Server
- Managed Server
- Single Sign-On (SSO)
- Admin Activities
- Easy Upgrade
- Data Synchronization
Failover
- Overview
- Failover for Professional Edition
- Failover for Enterprise Edition
- Using PostgreSQL as backend DB
- Configuring Virtual IP (VIP)
Database Migrations
- Database Migrations
- MySQL to PostgreSQL Migration
- MySQL/PGSQL to MSSQL Migration
- PGSQL to SQL Server migration for Plug-in
Appendix
- Appendix
- Add-Ons Pricing
- Applications Manager Home
- Data Collection for Host Resource
- Discovery Filters
- Enabling CredSSP Authentication
- Enabling Powershell
- License Evaluation period extension
- Regular Expressions
- SNMP Agent Installation
- SNMP Agent Configuration
- Security/Firewall Requirements
- Supported Modems
- User Management Security Policy
- WinRM Prerequisites
- WMI Prerequisites
- Tomcat Server.xml
- Tomcat Users.xml
Product Resources
- Product Resources
- Best Practices
- Security Updates
- Forums and Blogs
- How-to Demos
- Troubleshooting
Glossary

AWS Web Application Firewall Monitoring

AWS Web Application Firewall - Overview

AWS Web Application Firewall (AWS WAF) is a security service that helps protect web applications from common web exploits and threats. It allows you to monitor and control incoming HTTPS requests based on customizable security rules, helping to prevent attacks such as SQL injection, cross-site scripting (XSS), and bot traffic.

Creating a new AWS Web Application Firewall monitor

To learn how to create a new AWS Web Application Firewall monitor, refer here.

Monitored Parameters

Go to the Monitors Category View by clicking the Monitors tab. Click on the Web Application Firewall instance available under Amazon in the Cloud Apps section. Displayed below is the Amazon Web Application Firewall bulk configuration view distributed into three tabs:

Availability tab gives the availability history for the past 24 hours or 30 days.
Performance tab gives the health status and events for the past 24 hours or 30 days.
List view tab enables you to perform bulk admin configurations.

By clicking a monitor from the list, you'll be taken to the AWS Web Application Firewall dashboard which includes the following tabs:

Performance Overview
Rules
Client Device Types
Configuration

Performance Overview

Parameter	Description
WAF REQUEST ACTIONS
Allowed Requests	The percentage of allowed web requests between the poll interval (in %).
Blocked Requests	The percentage of blocked web requests between the poll interval (in %).
Captcha Requests	The percentage of web requests subjected to CAPTCHA controls applied between the poll interval including all requests matching a CAPTCHA rule, regardless of the valid tokens (in %).
Challenge Requests	The percentage of web requests with challenge controls applied between the poll interval including all requests matching a Challenge rule, regardless of the valid tokens (in %).
REQUEST THROUGHPUT
Rate of Total Requests	The total number of requests passed through this webacl passing all the rules per minute between the poll interval (in requests/min).
Total Requests	The total number of requests passed through this webacl passing all the rules between the poll interval.
ALLOWED REQUESTS
Allowed Requests	The total number of allowed web requests between the poll interval.
BLOCKED REQUESTS
Blocked Requests	The total number of blocked web requests between the poll interval.
CAPTCHA REQUESTS
Captcha Requests	The total number of web requests subjected to CAPTCHA controls applied between the poll interval including all requests matching a CAPTCHA rule, regardless of the valid tokens.
Captchas Attempted	The total number of solutions that were submitted by an end user in response to a CAPTCHA puzzle challenge between the poll interval.
Captchas Solved	The total number of CAPTCHA puzzle solutions submitted that successfully solved the puzzle between the poll interval.
Captchas with Valid Token	The total number of web requests that had CAPTCHA controls applied and a valid CAPTCHA token between the poll interval.
CHALLENGE REQUESTS
Challenge Requests	The total number of web requests with challenge controls applied between the poll interval, including all requests matching a Challenge rule, regardless of the valid tokens.
Challenges with Valid Token	The total number of web requests that had challenge controls applied and had valid challenge tokens between the poll interval.
COUNTED REQUESTS
Counted Requests	The total number of web requests that match at least one of the rules between the poll interval.
PASSED REQUESTS
Passed Requests	The total number of web requests that go through a rule evaluation without matching any rules between the poll interval.

Rules

Parameter	Description
Rule Details
Priority	Specifies the evaluation order of rules in AWS WAF, where rules with lower priority values are processed first.
Rule Name	The name of the rule.
Rule Metric Name	The name of the Amazon Cloud watch metric dimension.
Action	The action that AWS WAF should take on a web request when it matches the rule statement.
Allowed	The total number of allowed web requests for the specific rule between the poll interval.
Blocked	The total number of blocked web requests for the specific rule between the poll interval.
Captcha	The total number of web requests subjected to CAPTCHA controls, applied for the specific rule between the poll interval, including all requests matching a CAPTCHA rule regardless of valid tokens.
Challenge	The total number of web requests subjected to Challenge controls, applied for the specific rule between the poll interval, including all requests matching a Challenge rule regardless of valid tokens.
Counted	The total number of web requests that match at least one of the rules for the specific rule between the poll interval.
Passed	The total number of requests that go through a rule evaluation without matching the specific rule between the poll interval.

Applications Manager displays a line graph for the top 5 rules, visualizing key request types such as Allowed Requests, Blocked Requests, Captcha Requests, Challenge Requests, Counted Requests, and Passed Requests.

Client Device Types

Parameter	Description
ALLOWED REQUESTS
Allowed via Desktop	The total number of allowed web requests from desktop devices between the poll interval.
Allowed via Mobile	The total number of allowed web requests from mobile devices between the poll interval.
Allowed via Tablet	The total number of allowed web requests from tablet devices between the poll interval.
BLOCKED REQUESTS
Blocked via Desktop	The total number of blocked web requests from desktop devices between the poll interval.
Blocked via Mobile	The total number of blocked web requests from mobile devices between the poll interval.
Blocked via Tablet	The total number of blocked web requests from tablet devices between the poll interval.
CAPTCHA REQUESTS
Captcha via Desktop	The total number of web requests which had captcha controls applied and passed through desktop devices between the poll interval.
Captcha via Mobile	The total number of web requests which had captcha controls applied and passed through mobile devices between the poll interval.
Captcha via Tablet	The total number of web requests which had captcha controls applied and passed through tablet devices between the poll interval.
CHALLENGE REQUESTS
Challenge via Desktop	The total number of web requests which had challenge controls applied and passed through desktop devices between the poll interval.
Challenge via Mobile	The total number of web requests which had challenge controls applied and passed through mobile devices between the poll interval.
Challenge via Tablet	The total number of web requests which had challenge controls applied and passed through tablet devices between the poll interval.
COUNTED REQUESTS
Counted via Desktop	The total number of web requests that matched at least one of the rules and passed through desktop devices between the poll interval.
Counted via Mobile	The total number of web requests that matched at least one of the rules and passed through mobile devices between the poll interval.
Counted via Tablet	The total number of web requests that matched at least one of the rules and passed through tablet devices between the poll interval.
PASSED REQUESTS
Passed via Desktop	The total number of requests that go through a rule evaluation without matching any rules through desktop devices between the poll interval.
Passed via Mobile	The total number of requests that go through a rule evaluation without matching any rules through mobile devices between the poll interval.
Passed via Tablet	The total number of requests that go through a rule evaluation without matching any rules through tablet devices between the poll interval.

Configuration

Parameter	Description
ACL ID	The unique identifier for the web ACL.
Cloudwatch Metric Name	A name of the Amazon CloudWatch metric dimension.
Description	A description of the web ACL that helps with identification.
Default Action	The action to perform if none of the rules in the WebACL match.
Capacity	The web ACL capacity units currently being used by this web ACL (in WCUs).

Was this content helpful?

We are sorry. Help us improve this page.

How can we improve this page?

Need more information on this topic

Need better screenshots

Need clear step by step instructions

Others

Do you need assistance with this topic?

Yes No

By clicking "Submit", you agree to processing of personal data according to the Privacy Policy.

Identity and access management

Unified service management

Unified endpoint management and security

IT operations management and observability

Security information and event management

Advanced IT analytics

Low-code app development

Cloud solutions for enterprise IT

IT management for MSPs

Active Directory management Manage, track, and secure Active Directory

Identity governance and administrationOrchestrate user identity management and access controls for Zero Trust

Privileged access managementControl and secure privileged access to critical enterprise systems

Enterprise and IT service managementDeliver a consistent employee experience across business functions

Customer service managementBuild a one-stop portal for customers with efficient account management

IT asset managementCentralize and automate the complete IT asset life cycle

SIEM Spot, investigate, and neutralize security threats

Log and compliance managementGain deeper visibility into security events and ensure compliance

Security auditingAudit Active Directory, cloud platforms and files to enhance your security posture

Endpoint management and protection platform (UEM and EPP)Secure and manage endpoints to protect your IT assets effectively

Endpoint managementAchieve intelligent IT device management with zero user intervention

Endpoint securityDefend against threat actors with proactive and reactive measures

Full-stack observability and digital experience monitoringAchieve end-to-end visibility, proactive issue resolution, and enhanced security

Network and server performance monitoringEnsure network, server, and storage reliability with AI-powered insights

IT incident managementEfficiently manage and resolve IT incidents while ensuring transparency

DNS and DHCP managementOptimize IP address and domain management

Cloud cost managementRight-size and take control of your cloud costs

IT analyticsConnect to your IT applications and visualize all facets of your IT

Cloud-native solutions for IT managementMonitor, manage, audit, and secure your multi-cloudand hybrid infrastructure

Business applications for ITBoost productivity and improve team collaboration

Custom solution builderBuild tailor-made apps to automate operations at your organization

Solutions for MSPsGrow your MSP business with scalable and secure IT management solutions

AWS Web Application Firewall Monitoring

AWS Web Application Firewall - Overview

Creating a new AWS Web Application Firewall monitor

Monitored Parameters

Performance Overview

Rules

Client Device Types

Configuration

How can we improve this page?

Do you need assistance with this topic?

Active Directory
management Manage, track, and secure Active Directory

Identity governance
and administrationOrchestrate user identity management and access controls for Zero Trust

Privileged access
managementControl and secure privileged access to critical enterprise systems

Enterprise and IT service
managementDeliver a consistent employee experience across business functions

Customer service
managementBuild a one-stop portal for customers with efficient account management

IT asset
managementCentralize and automate the complete IT asset life cycle

Network and server
performance monitoringEnsure network, server, and storage reliability with AI-powered insights

IT incident
managementEfficiently manage and resolve IT incidents while ensuring transparency

Cloud-native solutions for IT managementMonitor, manage, audit, and secure your multi-cloud
and hybrid infrastructure