New Relic infrastructure integrations now include an integration that sends your AWS Network Firewall metrics to New Relic. This document explains the integration's features, how to activate it, and what data is available for reporting.
Features
The AWS Network Firewall Metrics integration collects and sends telemetry data to New Relic from your AWS Network Firewall. You can monitor your AWS services, query incoming data, and build dashboards to observe everything at a glance.
Activate integration
To enable this integration, follow the instructions in our Amazon CloudWatch Metric Streams integration documentation.
Find and use data
To find your integration's metrics:
- Go to one.newrelic.com > All capabilities
- Select Metrics and events
- Filter by aws.networkfirewall.
Metric data
This New Relic infrastructure integration collects the following AWS Network Firewall metrics:
AWS Network Firewall Metric data
| Metric (min, max, average, count, sum) | Unit | Description |
|---|---|---|
| | Count | Number of packets dropped due to rule actions. Reporting criteria: There is a nonzero value. |
| | Count | Number of packets dropped for failing packet validation due to issues with the packet. Reporting criteria: There is a nonzero value. |
| | Count | Number of packets dropped due to reasons other than those described by |
| | Count | Number of packets inspected for a firewall policy or stateless rule group for which a custom action is defined. This metric is only used for the dimension |
| | Count | Number of packets that the Network Firewall firewall allowed through to their destinations. Reporting criteria: There is a nonzero value. |
| | Count | Number of packets received by the Network Firewall firewall. Reporting criteria: There is a nonzero value. |
| | Count | Number of packets rejected due to Reject stateful rule actions. Reporting criteria: There is a nonzero value. |
| | Count | Number of packets matching the firewall policy's stream exception policy. Reporting criteria: There is a nonzero value. |
| | Count | Number of packets dropped by Network Firewall while inspecting SSL/TLS packets. Reporting criteria: There is a nonzero value. |
| | Count | Number of errors observed by Network Firewall while inspecting SSL/TLS packets. Reporting criteria: There is a nonzero value. |
| | Count | Number of packets passed by Network Firewall while inspecting SSL/TLS packets. Reporting criteria: There is a nonzero value. |
| | Count | Number of SSL/TLS packets received by the Network Firewall firewall. Reporting criteria: There is a nonzero value. |
| | Count | Number of packets rejected by Network Firewall while inspecting SSL/TLS packets. Reporting criteria: There is a nonzero value. |
| | Count | The number of SSL/TLS connections to TLS servers whose certificates have been confirmed as not revoked. Reporting criteria: There is a nonzero value. |
| | Count | The number of SSL/TLS connections to TLS servers whose certificates have been confirmed as revoked. Reporting criteria: There is a nonzero value. |
| | Count | The number of SSL/TLS connections to TLS servers whose certificates' revocation status is unknown or could not be determined by the firewall. This can occur when the OCSP responder for a server certificate returns an unknown status, or when the firewall is unable to connect to the CRL or OCSP endpoints provided in the certificate. Reporting criteria: There is a nonzero value. |
| | Count | Number of SSL/TLS connections that timed out during SSL/TLS inspection by Network Firewall. Reporting criteria: There is a nonzero value. |
AWS Network Firewall dimensions
| Dimension | Description |
|---|---|
| | Availability Zone in the Region where the Network Firewall firewall is active. |
| | Dimension for a publish metrics custom action that you defined. You can define this for a rule action in a stateless rule group or for a stateless default action in a firewall policy. |
| | Rules engine that processed the packet. The value for this is either Stateful or Stateless. |
| | Name that you specified for the Network Firewall firewall. |