zmoog
commented
2 months ago Select a resource
- use an existing AWS Network Firewall
- create a new AWS Network Firewall for testing
- Set up logging
Use an existing AWS Network Firewall
Create a new AWS Network Firewall for testing
- Open the VPC service in the AWS console.
- Create a VPC and other networking resources.
- Create an AWS Network Firewall
- Set up the firewall policy
Open the VPC service in the AWS console
The best option to create a VPC for a quick test is to use the wizard in the AWS console.
Create a VPC and other networking resources
The default settings are fine, you only need to pick a good name for your VPC resources.
Create an AWS Network Firewall
Set up the firewall policy
- create a rule group
Deploy an EC2 to generate network traffic
- launch an EC2, select the VPC we just created, enable "Auto-assign public IP"
Set up logging
To enable logging, edit your firewall setting by opening the "Logging" section.
If you want to quickly check your Network Firewall logs before setting up Firehose, you can enable logging on CloudWatch, and then inspect the log events:
Visit CloudWatch and open your log group. If everything is working correctly, you will see something like this:
Goal
Suppose I own an AWS account, and I want to export AWS Firewall log events from AWS to an Elastic cluster.
Context
What are the AWS Network Firewall logs?
Requirements & Limitations
Preparation
Steps