Activating the NG-WAF generates the Log

I am enabling NG_WAF on my V-port, adding the command generates the following LOG:

A10(config-slb vserver-vport)#ng-waf
Warning: Can't find ng-waf log. Some errors may not be detected.

It is understood that once this command is executed and traffic is generated to the Virtual Server, this should be reported in the NG-WAF console, but it does not have the expected result, given this log.

I would appreciate any comments.

Comments

  • mdunnmdunn Member, A10ers ✭✭✭

    What version of ACOS are you running? Can you check the NGWAF status with:

    show ng-waf status

    You can also check the NGWAF stats from the CLI with:

    show ng-waf virtual_server_name vPort#

    Can you also check the system log for WAF events / errors with:

    sh log | i WAF

  • Hi Mdunn
    Thank you for answering my question, according to the previous review, I note that the NGWAF is configured correctly.

    I share with you the Logs, but however in my fastly platform the agent is not reported, nor do I see any data.

    A10Serenity#sh ng-waf status
    Agent Version: 4.62.0

    NGWAF status: <partition shared>
    Current status: RUNNING
    Agent name: A10Serenity-shared
    Access key ID: 06b58xxxxxxxxxxxxxx
    Secret access key: i5cmkxxxxxxxxxxxxxx
    Cache entries: 0
    Tracked custom signals: 0

    _______________________________________________
    A10Serenity#show ng-waf VS_NGWAF 80
    Requests
    Received 18
    Forwarded 18

    En los logs no se genera ningu error, por lo contrario sale licencia valida, y reinicio exitoso

  • matancematance Member, A10ers

    Hello Harold,

    I think you need to enter the site to be able to check the agent installed.

  • Hi matanza

    What verifications should I perform?

  • matancematance Member, A10ers

    Within the Dashboard: https://dashboard.signalsciences.net/

    You can see your sites. You need to enter the one you used to enter the agent keys into the ADC.

    #license-manager ng-waf-module access-key-id <xxxxxxxx>
    secret-access-key <xxxxxxxxxxx>

  • Hi Matance

    I have verified these keys and even made an update in my platform and it still does not appear. currently I only have one site.

    My A10

    my keys in fastly

  • mdunnmdunn Member, A10ers ✭✭✭
    edited January 20

    Do you have any internet filtering in place? Please confirm that the these domains are reachable via port 443 outbound. This can be either the data plane or management plane depending on your configuration:

    dl.signalsciences.net
    c.signalsciences.net
    wafconf.signalsciences.net
    sigsci-agent-wafconf.s3.amazonaws.com
    sigsci-agent-wafconf-us-west-2.s3.amazonaws.com
    

    Can you also check the system log for WAF events / errors with:

    sh log | i WAF

Sign In or Register to comment.