Analyze AWS Network Firewall logs using Amazon OpenSearch dashboard
Security Blog
This article explains how to analyze AWS Network Firewall logs using Amazon OpenSearch dashboards, which streamlines the process compared to previous manual methods.
- New OpenSearch dashboard simplifies Network Firewall log analysis without extra configuration steps
- Network Firewall generates three log types: flow logs, alert logs, and TLS logs
- Create OpenSearch integration via CloudWatch Settings with optional KMS encryption
- Configure IAM permissions for log access and dashboard viewing
- Build AWS Network Firewall dashboard selecting log groups and 5-minute sync frequency
- Dashboard provides visualizations: top talkers, protocols, alert analysis, firewall engines
- Use filters for source/destination addresses, protocols, actions, firewall names
- Inspect widgets for detailed analysis and CSV export capabilities
- Use cases: identify unusual traffic, monitor rule effectiveness, troubleshoot connectivity, verify compliance
OpenSearch dashboards transform Network Firewall data into actionable insights for real-time threat detection, compliance monitoring, and security optimization.
The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.
Related articles
Feb 18
2025
2025
Visualize AWS Network Firewall logs with Amazon QuickSight dashboards
Jul 28
2025
2025
Amazon CloudWatch and Amazon OpenSearch Service launch pre-built dashboard for AWS Network Firewall
Jun 4
2025
2025
AWS Network Firewall launches new monitoring dashboard
Dec 12
2024
2024
Introducing the AWS Network Firewall CloudWatch Dashboard
The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.