Visibility into DDoS events with Shield Advanced - Amazon WAF, Amazon Firewall Manager, and Amazon Shield Advanced
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Visibility into DDoS events with Shield Advanced

Amazon Shield provides visibility into the following categories of events and event activities:

  • Global – All customers can access an aggregated view of global threat activity over the last two weeks. You can see this information under the Getting Started and Global threat dashboard pages of the Amazon Shield console. For more information, see Viewing Amazon Shield global and account activity.

  • Account – All customers can access a summary of the events for their account over the prior year. You can see this information under the Getting Started page of the Amazon Shield console. For more information, see Viewing Amazon Shield global and account activity.

When you subscribe to Shield Advanced and add protections to your resources, you gain access to additional information about the events and DDoS attacks on the protected resources:

If you enable automatic application layer DDoS mitigation for an application layer protection, Shield Advanced adds a rule group to your web ACL that it uses to manage automated protections. This rule group generates Amazon WAF metrics, but they are not available to view. This is the same as for any other rule groups that you use in your web ACL but do not own, such as Amazon Managed Rules rule groups. For more information about Amazon WAF metrics, see Amazon WAF metrics and dimensions. For information about this Shield Advanced protection option, see Automating application layer DDoS mitigation with Shield Advanced .

Topics