[BUG] Unable to retrieve CloudFront WAF metrics #1268

Open
1 task done
thameezb opened this issue Jan 9, 2024 · 2 comments
Labels
bug Something isn't working

Comments

thameezb commented Jan 9, 2024

Is there an existing issue for this?

  • I have searched the existing issues

YACE version

0.55.0

Config file

  apiVersion: v1alpha1
  sts-region: eu-central-1
  static:
    - namespace: AWS/WAFV2
      name: cloudfront_waf_metrics
      regions:
        - us-east-1
      dimensions:
      - name: Rule
        value: ALL
      metrics:
        - name: BlockedRequests
          statistics: [Sum]
          period: 60
          length: 60
        - name: AllowedRequests
          statistics: [Sum]
          period: 60
          length: 60
  discovery:
    jobs:
      - type: AWS/WAFV2
        regions:
          - eu-central-1
          - us-east-1
        period: 300
        length: 300
        metrics:
          - name: BlockedRequests
            statistics: [Sum]
          - name: AllowedRequests
            statistics: [Sum]

Current Behavior

Metrics are found for standard WAF in eu-central-1. However, CloudFront WAF metrics are not available.

When using dynamic config, a "No tagged resources made it through filtering" error log is thrown.
When using static config, 0 metrics are returned.

Expected Behavior

CloudFront WAF metrics are scraped, as standard WAF metrics are.

Steps To Reproduce

  • Deploy YACE with the current config file
  • Ensure a WAF is created for a CF distribution
  • Watch for metrics

Anything else?

I see the metrics in the CloudWatch UI and if I query CloudWatch from Grafana.

@thameezb thameezb added the bug Something isn't working label Jan 9, 2024
@municharan7

Hi,
I am using WAF for ALB and below is my config file:

  apiVersion: v1alpha1
  discovery:
    jobs:
      - type: AWS/WAF
        regions:
          - eu-central-1
        period: 300
        length: 300
        metrics:
          - name: WebACLCount
            statistics: [Sum]
          - name: RuleCount
            statistics: [Sum]
          - name: ActiveRuleCount
            statistics: [Sum]
          - name: AllowedRequests
            statistics: [Sum]
          - name: BlockedRequests
            statistics: [Sum]
          - name: ByteMatchSetCount
            statistics: [Sum]
      - type: AWS/Shield
        regions:
          - eu-central-1
        period: 300
        length: 300
        metrics:
          - name: DDoSDetected
            statistics: [Sum]
          - name: DDoSAttackBitsPerSecond
            statistics: [Sum]
          - name: DDoSAttackRequestsPerSecond
            statistics: [Sum]
          - name: DDoSAttackViolations
            statistics: [Sum]

and I am getting this error:

  {"caller":"main.go:211","level":"info","msg":"Parsing config","ts":"2024-02-01T09:13:00.496456327Z","version":"v0.55.0"}
  {"caller":"main.go:68","err":"Couldn't read /tmp/config.yml: Discovery job [0]: Service is not in known list!: AWS/WAF","level":"error","msg":"Error running yace","ts":"2024-02-01T09:13:00.496871671Z","version":"v0.55.0"}

I even tried changing the type to AWS/WAFV2; then the error is like "no tagged resource".

Can anyone help me with this?


obrienrobert commented Mar 25, 2024

I was also getting the "No tagged resources made it through filtering" error. According to the WAFV2 docs: "You can't manage or view tags through the AWS WAF console." Tagging the associated web ACLs using the AWS CLI allowed me to retrieve metrics. (v0.55.0)
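
The workaround reported in the comment above, as an added shell example that is not part of the thread or of YACE. It tags a WAFv2 web ACL with the AWS CLI and reads the tags back, taking the region from the ARN and refusing a CloudFront-scoped ACL outside us-east-1. The tag key/value and the ARNs used with it are constructed placeholders, and `waf_acl_scope` / `waf_tag_acl` are hypothetical helper names.

```shell
# Added example; helper names, tag key/value and ARNs are placeholders.

# Scope of a WAFv2 web ACL, read from the resource part of its ARN (field 6):
#   arn:aws:wafv2:<region>:<account>:global/webacl/<name>/<id>    -> CLOUDFRONT
#   arn:aws:wafv2:<region>:<account>:regional/webacl/<name>/<id>  -> REGIONAL
waf_acl_scope() {
  case "$(printf '%s' "$1" | cut -d: -f6)" in
    global/webacl/*)   echo CLOUDFRONT ;;
    regional/webacl/*) echo REGIONAL ;;
    *)                 return 1 ;;
  esac
}

# Tag a web ACL, then list its tags to confirm the tag is present.
# With DRY_RUN=1 the aws commands are printed instead of executed.
# The function body is a subshell, so its variables do not leak to the caller.
waf_tag_acl() (
  arn=$1; key=$2; value=$3
  scope=$(waf_acl_scope "$arn") || {
    echo "not a WAFv2 web ACL ARN: $arn" >&2; exit 1; }
  region=$(printf '%s' "$arn" | cut -d: -f4)
  # CloudFront-scoped web ACLs are only reachable through us-east-1.
  if [ "$scope" = CLOUDFRONT ] && [ "$region" != us-east-1 ]; then
    echo "CLOUDFRONT scope requires us-east-1, ARN says $region" >&2; exit 1
  fi
  run() { if [ "${DRY_RUN:-0}" = 1 ]; then echo "$*"; else "$@"; fi; }
  run aws wafv2 tag-resource --region "$region" --resource-arn "$arn" \
      --tags "Key=$key,Value=$value"
  run aws wafv2 list-tags-for-resource --region "$region" --resource-arn "$arn"
)

# Usage (prints the two commands without calling AWS):
#   DRY_RUN=1 waf_tag_acl \
#     "arn:aws:wafv2:us-east-1:111122223333:global/webacl/cf-acl/EXAMPLE-ID" \
#     monitoring yace
```

The web ACL ARN can be taken from `aws wafv2 list-web-acls --scope CLOUDFRONT --region us-east-1` (or `--scope REGIONAL` with the ALB's region).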
