AWS WAF and ELB logs integration

34 views

Skip to first unread message

krishna chaitany varm rudraraju

unread,

May 9, 2025, 5:51:36 AM5/9/25

to Wazuh | Mailing List

Hi Community ,

We are planning to do the integration of wazuh with AWS WAF and ELB logs integration , can you provide your inputs on this .

Thanks

Krishna

Bony V John

unread,

May 9, 2025, 6:42:51 AM5/9/25

to Wazuh | Mailing List

Hi,

To integrate AWS WAF logs with the Wazuh manager, you can follow the Wazuh AWS WAF integration documentation for step-by-step guidance.

For forwarding logs from AWS ELB/ALB to Wazuh, refer to the Wazuh ALB integration documentation.

During this integration process, always ensure that the appropriate AWS IAM policies are configured and applied correctly for each service.

Also note that for both integrations, you need to define an <aws_profile> in the Wazuh manager configuration. This profile allows Wazuh to access and query the AWS S3 buckets.

To create this AWS profile:

nano /root/.aws/credentials

Add the appropriate AWS credentials in the following format:

[default]
aws_access_key_id = <your_access_key>
aws_secret_access_key = <your_secret_key>

You can refer to the Wazuh credentials configuration documentation for more details.

Reply all

Reply to author

Forward

0 new messages