In this guild, we will see how we can enable logging on OCI Load Balancer WAF that includes collecting Access logs. Furthermore, We can create dashboards for analyse logs easily.
Enable Logging on OCI Load Balancer WAF
- Go to the WAF policy -> Firewalls
- Enable Logs by creating seperate log group
Configure Log Ingestion from Load Balancer WAF to Logging Analytics
- Create Logging Analytics Group
- Create Service Connectors
- Source: Logging
- Target: Logging Analytics
- Logging Analytics group as target
Analyze Logs using Logging Analytics
To analyze logs using Logging Analytics, go to OCI Navigation Menu >> Observability & Management >> Logging Analytics >> Log Explorer
Import Dashboards
- Download JSON Files. Click Here
- Open each individual file, find all occurrences of “compartment-id”: “COMPARTMENT_ID” and replace “Compartment_ID” with your compartment ocid. In the end it should look like “compartment-id”: “ocid1.compartment.oc1..xxxxxxxxxx”
- Open up an OCI CLI and run:
oci management-dashboard dashboard import --from-json file://WAF_Access_rule_and_Rate_limiting.json