[aws_waf_otel] Content pack of EDOT Cloud Forwarder for AWS - Web Application Firewall (WAF) Logs

[mykola-elastic]

Content pack for EDOT Cloud Forwarder for AWS - WAF Logs - Dashboard

Proposed commit message

See title.

Checklist

• I have reviewed tips for building integrations and this pull request is aligned with them.
• I have verified that all data streams collect metrics or logs.
• I have added an entry to my package's changelog.yml file.
• I have verified that Kibana version constraints are current according to guidelines.
• I have verified that any added dashboard complies with Kibana's Dashboard good practices

Screenshots

[mykola-elastic]

References to other dashboards:

• https://aws.amazon.com/blogs/security/introducing-the-aws-waf-traffic-overview-dashboard/
• https://grafana.com/grafana/dashboards/18380-aws-wafv2-stats/
• https://grafana.com/grafana/dashboards/20009-aws-waf/
• https://docs.dynatrace.com/docs/ingest-from/amazon-web-services/integrate-with-aws/aws-all-services/aws-service-wafv2
• https://www.datadoghq.com/blog/aws-waf-datadog/

Based on this the reasonable changes could be:

• adding a Map view
• somehow make it look fancier (I don't know yet)

cc @daniela-elastic

[mykola-elastic]

Another one: Table vs Bar

[mykola-elastic]

@ShourieG could you please add your thoughts/review on this PR?

[mykola-elastic]

We can add something like this (Map). If we do this I'll reshuffle panels a little

[alaudazzi]

Left a minor suggestion for a more accessible term. Otherwise, LGTM.

[stefans-elastic]

LGTM

[ShourieG]

LGTM from my end

[ishleenk17]

There is no mention of the word OpenTelemetry in the dashbaord title. Just from the look of the dashbaord one might not know that this is for OTEL data. Can we add that. @mykola-elastic

[mykola-elastic]

There is no mention of the word OpenTelemetry in the dashbaord title. Just from the look of the dashbaord one might not know that this is for OTEL data. Can we add that.

The dashboard title is not shown on the screenshot, the title is "[AWS WAF OTEL] AWS Web Application Firewall Logs Overview"

The Markdown panel header indeed doesn't contain the word OpenTelemetry, though it is consistent with all the other AWS OTEL CPs, header examples: "AWS VPC Flow Logs Overview", "AWS CloudTrail Logs Overview", "AWS ELB"

[elasticmachine]

💚 Build Succeeded

• Buildkite Build
• Commit: 1588345

History

• 💚 Build #34281 succeeded ae36480
• 💚 Build #34098 succeeded eb4ed86
• 💚 Build #34089 succeeded e2b1efd

cc @mykola-elastic

[botelastic]

Hi! We just realized that we haven't looked into this PR in a while. We're sorry! We're labeling this issue as Stale to make it hit our filters and make sure we get back to it as soon as possible. In the meantime, it'd be extremely helpful if you could take a look at it as well and confirm its relevance. A simple comment with a nice emoji will be enough :+1. Thank you for your contribution!

[ishleenk17]

Still relevant

[MichaelKatsoulis]

@ishleenk17 and @mykola-elastic I have tested this today and looks perfect. Now that we have a stable version with streaming in edot-cloud-forwarder we can come back to this. We will update the docs to reference AWS WAF in tech preview and in Q1 the goal is for aws waf to be GA.

[ishleenk17]

@MichaelKatsoulis : Thanks. Once we have this documented in tech preview, we will merge it.

[MichaelKatsoulis]

@ishleenk17 , @mykola-elastic documentation is updated with WAF. https://www.elastic.co/docs/reference/opentelemetry/edot-cloud-forwarder/aws

[mykola-elastic]

@MichaelKatsoulis Thanks!
I guess we can merge it now
cc @lalit-satapathy (we need your approval)

[ishleenk17]

@MichaelKatsoulis Thanks! I guess we can merge it now cc @lalit-satapathy (we need your approval)

Great. Approving the PR from integrations-triaging team.

[elastic-vault-github-plugin-prod]

Package aws_waf_otel - 0.1.0 containing this change is available at https://epr.elastic.co/package/aws_waf_otel/0.1.0/