I want to implement some AWS WAF rules but I need more knowledge of the quantity (origin, resource, etc) of requests that come through my loadbalancer.
Can I skip ALB logs and get logs for requests to ALB using WAF? Or, does WAF only produce logs when the request matches a rule in an WAF ACL / ruleset?
Thanks.
WAF will log all requests, however you may still want the ALB logs as the WAF logs do not contain any information about the response provided by your back end systems/the ALB. So if you are looking for data about time taken, response code or response size, you still need the ALB logs.
The list of WAF log fields can be found here: https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html
ALB log fields are here: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-access-logs.html#access-log-entry-format
