Tencent Cloud WAF Monitoring Integration
Utilize Site24x7 Tencent Cloud WAF Monitoring Integration to:
- Track total access requests and attacks detected to measure threat exposure in real time.
- Monitor CC (HTTP flood) attacks and bot access to identify automated threat patterns.
- Observe upstream 4xx and 5xx errors to detect issues between WAF and back-end servers.
- Correlate attack volumes with access trends for security incident investigation.
This help document contains instructions to set up Tencent Cloud WAF Monitoring Integration and related information.
Setup and configuration
During your Tencent Cloud monitor setup, if you have selected WAF in the Services/Resources drop-down, all your WAF resources will be auto-detected and monitored without the need to manually create a monitor for each resource.
If you haven't selected WAF during Tencent Cloud monitor creation, follow these instructions:
- Log in to your Site24x7 account.
- Go to Cloud > Tencent Cloud, select your Tencent Cloud monitor, then go to any of the dashboards on the left pane.
- Click the hamburger icon
and select Edit, which brings you to the Edit Tencent Cloud Monitor page. - On the Edit Tencent Cloud Monitor page, select WAF from the Services/Resources drop-down and click Save.
- After successful configuration, go to Cloud > Tencent Cloud > WAF. Now you can view the discovered resources.
Data collection frequency
Performance metrics of your Tencent Cloud WAF resources will be collected every five minutes and updated in the Site24x7 portal every five minutes by default; metrics are also collected based on the selected poll interval.
Supported metrics
| Metric name | Description | Unit |
|---|---|---|
| Total Access | Total number of HTTP requests processed by the WAF instance per second | Requests/second |
| Attacks Detected | Number of malicious requests identified and blocked or logged per second | Count/second |
| Bot Access | Number of requests identified as bot traffic per second | Requests/second |
| CC Attacks | Number of HTTP flood (CC) attack requests detected per second | Requests/second |
| Upstream 4xx Errors | Number of 4xx error responses received from back-end servers per second | Errors/second |
| Upstream 5xx Errors | Number of 5xx error responses received from back-end servers per second | Errors/second |
| Upstream Server Errors | Total number of error responses from upstream servers (all error codes) per second | Errors/second |
Threshold configuration
Global configuration
- Go to the Admin section in the left navigation pane.
- Select Configuration Profiles from the left pane and choose the Threshold and Availability (+) tab from the drop-down menu. Click Add Threshold Profile from the top-right corner.
- Set the monitor type as Tencent Cloud WAF. Now you can set the threshold values for all the metrics mentioned above.
Monitor-level configuration
- Go to Cloud > Tencent Cloud > WAF.
- Choose a resource for which you would like to set a threshold, then click the hamburger icon . Select Edit, which directs you to the Edit Tencent Cloud WAF Monitor page.
- You can set the threshold values for the metrics by selecting Threshold and Availability. You can also configure IT Automation at the attribute level.
IT Automation
Site24x7's IT Automation tools help with automatically resolving performance degradation issues. When a breach occurs, the alarm engine continuously examines the system events for which thresholds have been defined and performs the mapped automation.
How to configure IT Automation for a monitor
Configuration Rules
With Site24x7's Configuration Rules, you can set parameters like Threshold Profile, Notification Profile, Tags, and Monitor Group for multiple monitors and automate the configuration settings of your monitoring resources.
How to add a Configuration Rule
Related links:
How to add a Tencent Cloud monitor.
List of Tencent Cloud service types monitored.
How to configure IT Automations for a monitor.
How to add a Configuration Rule.