Hello, this is Nishiyama (id:tukaelu), CRE from the Mackerel team.
As mentioned in the title, we have added new metric targets that can be retrieved through linking with AWS WAF integration.
If you are using WAF for monitoring, it may have an impact on your usage fee due to changing microhosts. Please see below for details.
Contents of Specification Change
Support for managed rule monitoring
Until now, we have not supported managed rules monitoring, which is provided in AWS Marketplace, but in response to requests, we are now also supporting managed rules monitoring.
When using managed rules, if the IAM policy used for AWS integration has AWSWAFReadOnlyAccess
attached to it, or if the waf:ListSubscribedRuleGroups
, waf-regional:ListSubscribedRuleGroups
actions are valid, additional metrics related to managed rules can now be retrieved.
New metrics have been added
The additional metrics below can now be retrieved.
Metric | Metric name in Mackerel |
---|---|
RequestsWithValidCaptchaToken | waf.web_acl_requests.#.valid_captcha_token |
CaptchaRequests | waf.web_acl_requests.#.captcha |
For details regarding the metrics, please refer to the AWS documentation
Impact of the Specification Change
With this specification change, the maximum number of retrieved metrics will change as follows:
- Current
- Maximum of
4 × (number of rules) + 4<"ALL">
- Maximum of
- After the change
- Maximum of
6 x (number of rules) + 6<"ALL">
- Maximum of
The metrics retrieved from the AWS integration can be selected as desired through the configuration. They are retrieved by default, so please use an appropriate configuration based on your needs.