Posted On: Sep 1, 2021

AWS Firewall Manager now enables security administrators to specify which web requests to log and which requests to exclude from logs when using AWS WAF to inspect web traffic. If you use Firewall Manager security policies to centralize AWS WAF logging, you can now log only the information you want to analyze. By reducing the amount of log data stored, you can reduce your log delivery and storage costs.

You can enable log filtering in Firewall Manager when you create a Firewall Manager security policy. After you select the option to centralize your AWS WAF logs, you can choose to filter web requests based on rule actions, labels applied to web requests, or both. For each filter, you can indicate whether matching requests should be logged or discarded after processing. There is no additional cost for log filtering, but standard service charges for AWS Firewall Manager, AWS WAF, and AWS Config still apply.

Firewall Manager is a security management service that enables customers to centrally configure and deploy firewall rules across accounts and resources in their organization. With Firewall Manager, customers can deploy and monitor rules for AWS WAF, AWS Shield Advanced, VPC security groups, AWS Network Firewall, and Amazon Route 53 Resolver DNS Firewall across their entire organization. Firewall Manager ensures that all firewall rules are consistently enforced, even as new accounts and resources are created.

To get started, see the AWS Firewall Manager documentation for details about AWS WAF log filtering, and the AWS Region Table for the list of AWS Regions where AWS Firewall Manager is currently available. To learn more about AWS Firewall Manager, including its features and pricing, please visit the AWS Firewall Manager page.