
Enable Logging for AWS WAFv2 Web ACLs Rule

Ensure logging is enabled on AWS WAFv2 regional and global web access control lists.

Rule: Logging should be enabled on AWS WAFv2 regional and global web access control lists (ACLs)
Framework: Federal Financial Institutions Examination Council (FFIEC)
Severity: Low

Logging Rule for AWS WAFv2 Regional and Global Web ACLs

Description

To meet the Federal Financial Institutions Examination Council (FFIEC) logging requirements, enable logging on every AWS WAFv2 regional web ACL and every global (CloudFront) web ACL. A WAF log records each inspected request together with the action taken (allow, block, count, CAPTCHA or challenge), the rule that terminated evaluation and the request metadata WAF inspected. That record is what incident responders, detection engineering and compliance auditors need to reconstruct web-layer activity; without it, a blocked attack leaves no trace beyond aggregate metrics.

Policy Details

  1. Logging should be enabled on every AWS WAFv2 regional and global Web ACL, with a log destination (an Amazon S3 bucket, a CloudWatch Logs log group or a Kinesis Data Firehose delivery stream) whose name starts with aws-waf-logs-, as WAF requires.
  2. Logs should capture the request metadata WAF records: timestamp, action, terminating rule and rule group, client IP, country, HTTP method, URI, query string and request headers. WAF does not log the request body or response headers, so do not expect those fields. Headers that carry credentials, such as Authorization and Cookie, should be listed as redacted fields so that the log store does not become a credential store.
  3. Logs should be stored in a secure and resilient location (restrictive bucket policy or log group resource policy, encryption at rest, retention configured on the destination) for future reference and analysis.

Troubleshooting Steps

If logging is not working as expected, work through the following checks:

  1. Confirm that a logging configuration actually exists for the web ACL, for example with `aws wafv2 get-logging-configuration --resource-arn <web-acl-arn>`; a web ACL that has never had logging enabled returns WAFNonexistentItemException.
  2. Check the destination's access policy rather than an IAM role on the web ACL: WAF delivers logs through the log delivery service, so an S3 bucket policy or CloudWatch Logs resource policy must grant delivery.logs.amazonaws.com write access. For a Kinesis Data Firehose destination it is the delivery stream's own IAM role that must be allowed to write to its target.
  3. Verify that the destination exists, that its name starts with aws-waf-logs-, and that a Kinesis Data Firehose stream is in the same Region as the web ACL (us-east-1 for global web ACLs). S3 and CloudWatch Logs destinations do not run out of space, but an S3 lifecycle rule or a log group retention setting may be expiring records sooner than expected.
  4. Review any error messages in the web ACL's logging settings, and check whether a logging filter is dropping the requests you expected to see: a filter whose default behaviour is DROP writes only the requests that match its conditions.
  5. If the issue persists, contact AWS Support.

Necessary Codes (if applicable)

The console procedure below needs no code. The same configuration can be inspected with `aws wafv2 get-logging-configuration --resource-arn <web-acl-arn>` and applied with `aws wafv2 put-logging-configuration`, which is the route to take when many web ACLs have to be brought into compliance.
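As an added example (not Cloud Defense's or AWS's own code), the following Python script audits every regional and global web ACL in an account against this rule and builds the remediation call. The evaluation logic runs offline against constructed sample API responses; the live audit and remediation functions assume boto3 and AWS credentials. The ARNs and account ID are made up, and the checks go slightly beyond the rule text by also requiring the aws-waf-logs- destination prefix and redaction of the Authorization and Cookie headers.

```python
"""Audit and enable WAFv2 web ACL logging (added example, not Cloud Defense's or AWS's code).

Account IDs, ARNs and the sample API responses are constructed for illustration.
"""
import re

# WAF accepts only destinations whose name starts with this prefix.
LOG_DEST_PREFIX = "aws-waf-logs-"
# Request headers written to the log verbatim unless listed under RedactedFields.
SENSITIVE_HEADERS = ("authorization", "cookie")

# Constructed samples shaped like the LoggingConfiguration returned by
# `aws wafv2 get-logging-configuration`.
SAMPLE_COMPLIANT = {
    "ResourceArn": "arn:aws:wafv2:us-east-1:123456789012:regional/webacl/prod-api/"
                   "11111111-2222-3333-4444-555555555555",
    "LogDestinationConfigs": [
        "arn:aws:logs:us-east-1:123456789012:log-group:aws-waf-logs-prod-api"
    ],
    "RedactedFields": [{"SingleHeader": {"Name": "authorization"}},
                       {"SingleHeader": {"Name": "cookie"}}],
    "ManagedByFirewallManager": False,
}
SAMPLE_UNREDACTED = {
    "ResourceArn": "arn:aws:wafv2:us-east-1:123456789012:global/webacl/cdn/"
                   "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee",
    "LogDestinationConfigs": ["arn:aws:s3:::aws-waf-logs-cdn"],
    "RedactedFields": [],
    "ManagedByFirewallManager": False,
}


def destination_name(arn):
    """Return the bucket, log group or delivery stream name from a destination ARN."""
    m = re.match(r"^arn:aws[^:]*:(s3|logs|firehose):[^:]*:[^:]*:(.+)$", arn)
    if not m:
        raise ValueError(f"unsupported WAF log destination ARN: {arn}")
    service, resource = m.groups()
    if service == "logs":
        return resource.split("log-group:", 1)[-1].removesuffix(":*")
    if service == "firehose":
        return resource.split("deliverystream/", 1)[-1]
    return resource  # S3 bucket name


def is_valid_destination(arn):
    """True when the destination ARN is parseable and uses the required prefix."""
    try:
        return destination_name(arn).startswith(LOG_DEST_PREFIX)
    except ValueError:
        return False


def evaluate_logging(config):
    """Findings for one web ACL; `config` is its LoggingConfiguration dict, or
    None when the API reported none. An empty list means compliant."""
    if config is None:
        return ["logging is not enabled"]
    findings = []
    destinations = config.get("LogDestinationConfigs", [])
    if not destinations:
        findings.append("no log destination configured")
    for arn in destinations:
        if not is_valid_destination(arn):
            findings.append(f"destination {arn} lacks the {LOG_DEST_PREFIX} prefix")
    redacted = {f["SingleHeader"]["Name"].lower()
                for f in config.get("RedactedFields", []) if "SingleHeader" in f}
    for header in SENSITIVE_HEADERS:
        if header not in redacted:
            findings.append(f"header '{header}' is logged unredacted")
    return findings


def build_logging_configuration(web_acl_arn, destination_arn, redact=SENSITIVE_HEADERS):
    """LoggingConfiguration body for wafv2:PutLoggingConfiguration."""
    if not is_valid_destination(destination_arn):
        raise ValueError(f"destination must be named {LOG_DEST_PREFIX}*: {destination_arn}")
    return {
        "ResourceArn": web_acl_arn,
        "LogDestinationConfigs": [destination_arn],
        "RedactedFields": [{"SingleHeader": {"Name": h}} for h in redact],
    }


def audit_scope(scope, region):
    """Check every web ACL in one scope; needs boto3 and AWS credentials.
    Global (CLOUDFRONT) web ACLs are only visible from us-east-1."""
    import boto3  # imported here so the pure functions above run without it
    client = boto3.client("wafv2", region_name=region)
    results, marker = {}, None
    while True:
        page = client.list_web_acls(Scope=scope, **({"NextMarker": marker} if marker else {}))
        for acl in page.get("WebACLs", []):
            try:
                cfg = client.get_logging_configuration(ResourceArn=acl["ARN"])["LoggingConfiguration"]
            except client.exceptions.WAFNonexistentItemException:
                cfg = None  # never configured: the most common finding
            results[acl["ARN"]] = evaluate_logging(cfg)
        # The API may echo a marker on the last page; stop when it stops advancing.
        if not page.get("WebACLs") or page.get("NextMarker") in (None, marker):
            return results
        marker = page["NextMarker"]


def enable_logging(client, web_acl_arn, destination_arn):
    """Remediate one web ACL by applying a compliant logging configuration."""
    body = build_logging_configuration(web_acl_arn, destination_arn)
    return client.put_logging_configuration(LoggingConfiguration=body)


if __name__ == "__main__":
    import sys
    region = sys.argv[1] if len(sys.argv) > 1 else "us-east-1"
    for scope, scope_region in (("REGIONAL", region), ("CLOUDFRONT", "us-east-1")):
        for arn, findings in audit_scope(scope, scope_region).items():
            print(arn, "OK" if not findings else "; ".join(findings))
```

Run it as `python audit_waf_logging.py eu-west-1` to audit the regional web ACLs in one Region plus the global ones; the destination must already exist with the correct prefix and access policy before `enable_logging` will succeed, because PutLoggingConfiguration validates the destination rather than creating it.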

Step-by-Step Guide for Remediation

1. Enable Logging on AWS WAFv2 Regional and Global Web ACLs

  1. Log in to the AWS Management Console.
  2. Open the AWS WAF & Shield console and choose Web ACLs.
  3. Select the scope: the Region that holds your regional web ACLs, or Global (CloudFront) for global web ACLs.
  4. Choose the web ACL for which you want to enable logging.
  5. Open the Logging and metrics tab.
  6. Under Logging, choose Enable.
  7. Choose the log destination (an S3 bucket, CloudWatch Logs log group or Kinesis Data Firehose delivery stream whose name starts with aws-waf-logs-), add redacted fields for sensitive headers such as Authorization and Cookie, optionally add a logging filter, and save. Retention is configured on the destination (an S3 lifecycle rule or the log group's retention setting), not in WAF itself.

2. Verify Log Details and Storage

  1. Once logging is enabled, send a few test requests, including one that a rule is expected to block, and confirm that records arrive at the destination.
  2. Validate that each record carries the fields you rely on: timestamp, action, terminatingRuleId, httpRequest.clientIp, httpRequest.uri and the request headers, with redacted headers showing the value REDACTED. Request bodies and response headers are not logged, so an analysis pipeline must not depend on them.
  3. Review the logs periodically to confirm delivery has not silently stopped (an expired destination policy or a deleted stream produces no error in WAF) and to detect anomalies.

Note

Enabling logging on AWS WAFv2 regional and global Web ACLs incurs charges at the destination: storage for S3, and ingestion plus storage for CloudWatch Logs and Kinesis Data Firehose. Monitor the cost, set retention on the destination, and consider a logging filter that drops high-volume allowed traffic only if your retention requirement covers just blocked and counted requests; dropping allowed requests removes the baseline you would need to investigate a missed attack.

Following these steps will ensure that logging is enabled on AWS WAFv2 regional and global Web ACLs, allowing compliance with the FFIEC logging requirements and enhancing security monitoring and analysis capabilities.
