centralized-logging-with-opensearch icon indicating copy to clipboard operation
centralized-logging-with-opensearch copied to clipboard

Published 20 hours ago verified publisher icon aws-solutions

(WAF): (已开启并配置WAF Logging的场景下,创建WAF Full request没有使用KDF中配置的s3 bucket prefix)

Open AlbertMingXu opened this issue 1 year ago • 0 comments

Describe the bug

已开启并配置WAF Logging的场景下,创建WAF Full request没有使用KDF中配置的s3 bucket prefix

Expected Behavior

如已开启WAF logging的情况,应使用WAF中配置的S3 bucket prefix作为 S3 notification的监听路径,否则无法采集到上传的WAF日志。

Current Behavior

代码中有获取KDF配置信息,但S3 notification的路径没有使用WAF配置中的S3 bucket prefix

Reproduction Steps

  1. 开启WAF Logging,选择Kinesis Data Firehose stream,指定Amazon Kinesis Data Firehose delivery stream
  2. 进入KDF配置页面,进入configure页面,修改destination settings,修改S3 bucket prefix - optional配置,如waf-cloudfront-website-web-acl-logs/ 3.进入LogHub Console,创建WAF Services log ingestion,WEB ACL选择之前开启Logging的ACL,Ingest Options选择Full request,提示信息如“The Web ACL has Access Log saved at s3:///AWSLogs//WAFLogs/cloudfront/CloudFrontWebACL3586e2btta/”,路径与KDF中配置的路径不同

Possible Solution

No response

Additional Information/Context

No response

Log Hub Version

v1.2.1

AWS Region. e.g., us-east-1

us-east-1

Other information

No response

AlbertMingXu avatar Dec 22 '22 01:12 AlbertMingXu