This solution automatically deploys a single web access control list (web ACL) with a set of AWS WAF rules designed to filter common web-based attacks.
Have been trying to get into the logs for the parser, clicking view logs in Cloud Watch within the lambda page brings
An error occurred while describing log streams.
The specified log group does not exist.
Log group does not exist
The specific log group: /aws/lambda/sandbox-test-waf-LogParser-XXXXXXX does not exist in this account or region.
To Reproduce
Ran the playbook, the WAF automation seems to be functioning otherwise and other log groups are created
Expected behavior
Presumably, a log group is created and viewable.
Please complete the following information about the solution:
[ ] Was the solution modified from the version published on this repository? No
[ ] Were there any errors in the CloudWatch Logs? Cloudformation stack doesn't seem to point to any errors
EDIT: presumably when the lambda is ran once it would've created the group, but I'm able to trigger flood attacks and get ip banned with hey and no logs are appearing anywhere
Have been trying to get into the logs for the parser, clicking view logs in Cloud Watch within the lambda page brings
To Reproduce Ran the playbook, the WAF automation seems to be functioning otherwise and other log groups are created
Expected behavior Presumably, a log group is created and viewable.
Please complete the following information about the solution:
EDIT: presumably when the lambda is ran once it would've created the group, but I'm able to trigger flood attacks and get ip banned with
hey
and no logs are appearing anywhere