stackoom
  简体   繁体   中英

How to know if the attack hit the preconfigure rules on google cloud armor?

 原文  2020-08-03 21:04:51       google-cloud-armor

Question

Im new on this field and i need some help. There is no log when the rules hit by attack. can anyone help me with this? where i can find kind of log of blocking by rules when attack happened? i've been reading the documentation and still got nothing, i'm so glad if you guys can help me

1 answers

solution1
 1 ACCPTED  2020-08-04 12:03:33

If you are using Cloud Armor with a load balancer on the stackdriver logs [ 1 ] you can see if some policy was applied.

On [ 2 ] you can find a log example:

  jsonPayload: { 
    @type:  "type.googleapis.com/google.cloud.loadbalancing.type.LoadBalancerLogEntry"
    enforcedSecurityPolicy: {
      configuredAction: "DENY"
      name: "my-policy"
      outcome: "DENY"
      priority: 50
    }
    statusDetails: "denied_by_security_policy"
  }

On the log you can see the configured action ACCEPT or DENY and the policy name.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Google Cloud Armor Google Cloud Armor rule partial URL encoded Google Cloud Armor doesn't seam to interpret reCaptcha enterprise score Why some rule actions are disabled in google cloud armor? Allow traffic from certain machines - Google Cloud Armor Error : API break when values("=?", "nc") passes in stage where cloud armor rules are defined How can i use cloud armor on nginx ingress controller? How can I annotate two different Cloud Armor BackendConfigs to of a service GCP Cloud armor Quota 'SECURITY_POLICY_RULES' exceeded. Limit: 0.0 globally error for Free tier account is there any google API to check and count number of Armor Policies rules defined under a project. i have to count number of custom rules
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM