diff --git a/docs/integrations/amazon-aws/application-load-balancer.md b/docs/integrations/amazon-aws/application-load-balancer.md
index b5ec3c9567..3712b237a0 100644
--- a/docs/integrations/amazon-aws/application-load-balancer.md
+++ b/docs/integrations/amazon-aws/application-load-balancer.md
@@ -1,7 +1,7 @@
---
id: application-load-balancer
title: AWS Application Load Balancer
-description: The Sumo Logic App for AWS Elastic Load Balancing ULM - Application is a unified logs and metrics (ULM) App that gives you visibility into the health of your Application Load Balancer and target groups.
+description: The Sumo Logic app for AWS Elastic Load Balancing ULM - Application is a unified logs and metrics (ULM) app that gives you visibility into the health of your Application Load Balancer and target groups.
---
import useBaseUrl from '@docusaurus/useBaseUrl';
@@ -10,7 +10,7 @@ import useBaseUrl from '@docusaurus/useBaseUrl';
The AWS Application Load Balancer functions at the application layer, receives requests, evaluates the listener rules in priority order to determine which rule to apply, and then selects a target from the target group.
-The Sumo Logic App for AWS Application Load Balancing uses logs and metrics to give you visibility into the health of your Application Load Balancer and target groups. Use the pre-configured dashboards to understand the latency, request and host status, threat intel, and HTTP backend codes by availability zone and target group.
+The Sumo Logic app for AWS Application Load Balancing uses logs and metrics to give you visibility into the health of your Application Load Balancer and target groups. Use the pre-configured dashboards to understand the latency, request and host status, threat intel, and HTTP backend codes by availability zone and target group.
## Log types
@@ -105,7 +105,7 @@ import Aws3 from '../../reuse/apps/create-aws-s3-source.md';
### Field Extraction Rule(s)
-Create Field Extraction Rule for AWS Application Load Balancer Access Logs. Learn how to create Field Extraction Rule [here](/docs/manage/field-extractions/create-field-extraction-rule).
+Create Field Extraction Rule (FER) for AWS Application Load Balancer Access Logs. Learn how to create Field Extraction Rule [here](/docs/manage/field-extractions/create-field-extraction-rule).
```sql
Rule Name: AwsObservabilityAlbAccessLogsFER
@@ -117,7 +117,27 @@ Scope (Specific Data): account=* region=* (http or https or h2 or grpcs or ws or
parse "* * * * * * * * * * * * \"*\" \"*\" * * * \"*\"" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId | tolowercase(loadbalancer) as loadbalancer | fields loadbalancer
```
-## Installing the AWS Application Load Balancer App
+#### Create/Update Field Extraction Rule(s) for Application Load Balancer CloudTrail logs
+
+```sql
+Rule Name: AwsObservabilityALBCloudTrailLogsFER
+Applied at: Ingest Time
+Scope (Specific Data): account=* eventSource eventName "elasticloadbalancing.amazonaws.com" "2015-12-01"
+```
+
+```sql title="Parse Expression"
+json "eventSource", "awsRegion", "recipientAccountId", "requestParameters.name", "requestParameters.type", "requestParameters.loadBalancerArn", "apiVersion" as event_source, region, accountid, loadbalancer, loadbalancertype, loadbalancerarn, api_version nodrop
+|"" as namespace
+| where event_source = "elasticloadbalancing.amazonaws.com" and api_version matches "2015-12-01"
+| parse field=loadbalancerarn ":loadbalancer/*/*/*" as balancertype, loadbalancer, f1 nodrop
+| if(loadbalancertype matches "network", "aws/nlb", if(balancertype matches "net", "aws/nlb", namespace)) as namespace
+| if(loadbalancertype matches "application", "aws/applicationelb", if(balancertype matches "app", "aws/applicationelb", namespace)) as namespace
+| where namespace="aws/applicationelb" or isEmpty(namespace)
+| toLowerCase(loadbalancer) as loadbalancer
+| fields region, namespace, loadbalancer, accountid
+```
+
+## Installing the AWS Application Load Balancer app
Now that you have set up collection for AWS Application Load Balancer, install the Sumo Logic App to use the pre-configured searches and dashboards that provide visibility into your environment for real-time analysis of overall usage.
@@ -125,7 +145,7 @@ import AppInstall from '../../reuse/apps/app-install.md';
-## Viewing AWS Application Load Balancer Dashboards
+## Viewing AWS Application Load Balancer dashboards
### Overview
@@ -137,7 +157,7 @@ Use this dashboard to:
* Monitor trends for load balancers errors, 4XX, and 5XX errors, as well as healthy and unhealthy hosts.
* Monitor the current state across all load balancers through active connections, new connections, target connection errors, and rejected connections.
-})
+
### Response Analysis
@@ -147,7 +167,7 @@ Use this dashboard to:
* Monitor incoming client locations for all 5XX, 4XX, and 3XX error responses.
* Quickly correlate error responses using load balancer access logs and AWS CloudWatch metrics to determine the possible cause for failures and decide corrective actions.
-})
+
### Target Group Response Analysis
@@ -157,7 +177,7 @@ Use this dashboard to:
* Monitor trends of all response codes for your target groups by LoadBalancer, Target Group, and availability zones.
* Correlate response code trends across load balancer access logs and CloudWatch metrics to determine the root cause for failures.
-})
+
### Latency Overview
@@ -167,7 +187,7 @@ Use this dashboard to:
* Monitor response times by load balancer, target group, and availability zone.
* Monitor client latency and processing times for target groups.
-})
+
### Latency Details
@@ -176,7 +196,7 @@ The **AWS Application Load Balancer - Latency Details** dashboard provides insig
Use this dashboard to:
* Troubleshoot load balancer performance through detailed views across client, request processing, and response time latencies.
-})
+
### Connection and Host Status
@@ -186,7 +206,7 @@ Use this dashboard to:
* Monitor active connections, new connections, rejected connections, and connection errors for the load balancer.
* Monitor healthy and unhealthy host counts by the load balancer, target group, and availability zone across your infrastructure.
-})
+
### Requests and Processed Bytes
@@ -196,7 +216,7 @@ Use this dashboard to:
* Monitor client request load, network traffic, and processed bytes to determine how to best configure load balancers for optimal performance.
* Determine how to best allocate backend resources and target groups based on load.
-})
+
### Threat Intel
@@ -206,4 +226,16 @@ Use this dashboard to:
* Identify known malicious IPs that access your load-balancers and use firewall access control lists to prevent them from sending you traffic going forward.
* Monitor the malicious confidence level for all incoming malicious IP addresses the threats.
-})
+
+
+### CloudTrail Audit
+
+The **AWS Application Load Balancer - CloudTrail Audit** dashboard provides a comprehensive overview of AWS Application Load Balancer activities through CloudTrail audit logs. It visualizes successful and failed events globally, event trends, error details, and user activities, offering insights into load balancer performance, security, and usage patterns.
+
+Use this dashboard to:
+* Monitor the geographical distribution of successful and failed load balancer events, allowing for quick identification of regions with high activity or potential issues.
+* Track the overall success rate of load balancer events and analyze trends over time, helping to identify any sudden changes or patterns in performance.
+* Investigate specific error events, including their details, frequency, and associated users, enabling faster troubleshooting and resolution of issues.
+* Identify the most common error types and the users experiencing the highest failure rates, facilitating targeted improvements and user support.
+
+})
diff --git a/docs/integrations/amazon-aws/classic-load-balancer.md b/docs/integrations/amazon-aws/classic-load-balancer.md
index 7719cf2f2b..20189ffb5a 100644
--- a/docs/integrations/amazon-aws/classic-load-balancer.md
+++ b/docs/integrations/amazon-aws/classic-load-balancer.md
@@ -1,7 +1,7 @@
---
id: classic-load-balancer
title: AWS Classic Load Balancer
-description: The Sumo Logic App for AWS Elastic Load Balancing Classic is a unified logs and metrics (ULM) App which helps you monitor the classic load balancer.
+description: The Sumo Logic app for AWS Elastic Load Balancing Classic is a unified logs and metrics (ULM) app which helps you monitor the classic load balancer.
---
import useBaseUrl from '@docusaurus/useBaseUrl';
@@ -10,9 +10,9 @@ import useBaseUrl from '@docusaurus/useBaseUrl';
AWS Elastic Load Balancer Classic distributes the incoming application traffic across multiple EC2 instances in multiple Availability Zones.
-The Sumo Logic App for AWS Elastic Load Balancer Classic is a unified logs and metrics App that helps you monitor the classic load balancer. The preconfigured dashboards provide information on the latency, HTTP backend codes, requests, and host status, that help you investigate the issues in the load balancer.
+The Sumo Logic app for AWS Elastic Load Balancer Classic is a unified logs and metrics App that helps you monitor the classic load balancer. The preconfigured dashboards provide information on the latency, HTTP backend codes, requests, and host status, that help you investigate the issues in the load balancer.
-## Log and Metric Types
+## Log and metric types
ELB logs are stored as *.log files in the buckets you specify when you enable logging. The process to enable collection for these logs is described in [AWS ELB Enable Access Logs](http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-access-logs.html).
@@ -26,7 +26,7 @@ The log format is described in [AWS ELB Access Log Collection](http://docs.aws.a
For details on AWS Classic Load Balancer metrics, see [here](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-cloudwatch-metrics.html).
-### Sample Access Log Message
+### Sample access log message
```json
2017-11-06T23:20:38 stag-www-lb 250.38.201.246:56658 10.168.203.134:23662 0.007731 0.214433 0.000261 404 200 3194 123279 \
@@ -62,7 +62,6 @@ loadbalancername={{loadbalancername}} metric=HTTPCode_ELB_4XX \
Statistic=Sum | sum by account, region, namespace, loadbalancername
```
-
## Collecting logs and metrics for the AWS Classic Load Balancer
### Collect Metrics for AWS Classic Load Balancer
@@ -85,7 +84,7 @@ See [Configure a Hosted Collector](/docs/send-data/hosted-collectors/configure-h
#### Prerequisites
-Before you can begin to use the AWS Elastic Load Balancing (ELB) Application App, complete the following steps:
+Before you can begin to use the AWS Elastic Load Balancing (ELB) App, complete the following steps:
1. [Grant Sumo Logic access](/docs/send-data/hosted-collectors/amazon-aws/grant-access-aws-product) to an Amazon S3 bucket.
2. [Enable Application Load Balancer logging](http://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-access-logs.html#enable-access-logging) in AWS.
@@ -114,11 +113,7 @@ Rule Name: AwsObservabilityElbAccessLogsFER
Applied at: Ingest Time
Scope (Specific Data): account=* region=* _sourceCategory=aws/observability/clb/logs
```
-
-
-**Parse Expression**:
-
-```sql
+```sql title="Parse Expression"
| parse "* * * * * * * * * * * \"*\" \"*\" * *" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol
| parse regex field=datetime "(?\d{0,4}-\d{0,2}-\d{0,2}T\d{0,2}:\d{0,2}:\d{0,2}\.\d+Z)"
| where !isBlank(loadbalancername) and !isBlank(datetimevalue)
@@ -127,96 +122,122 @@ Scope (Specific Data): account=* region=* _sourceCategory=aws/observability/clb/
| fields loadbalancername, namespace
```
+#### Create/Update Field Extraction Rule(s) for Classic Load Balancer CloudTrail logs
-## Install the AWS Classic Load Balancer App
+```sql
+Rule Name: AwsObservabilityCLBCloudTrailLogsFER
+Applied at: Ingest Time
+Scope (Specific Data): account=* eventSource eventName "elasticloadbalancing.amazonaws.com" "2012-06-01"
+```
-Now that you have set up a collection for AWS Classic Load Balancer, install the Sumo Logic App to use the pre-configured searches and dashboards that provide visibility into your environment for real-time analysis of overall usage.
+```sql title="Parse Expression"
+json "eventSource", "awsRegion", "recipientAccountId", "requestParameters.loadBalancerName" as event_source, region, accountid, loadbalancername nodrop
+| where event_source = "elasticloadbalancing.amazonaws.com"
+| toLowerCase(loadbalancername) as loadbalancername
+| "aws/elb" as namespace
+| fields region, namespace, loadbalancername, accountid
+```
+
+## Install the AWS Classic Load Balancer app
+
+Now that you have set up a collection for AWS Classic Load Balancer, install the Sumo Logic app to use the pre-configured searches and dashboards that provide visibility into your environment for real-time analysis of overall usage.
import AppInstall from '../../reuse/apps/app-install.md';
-## Viewing the AWS Classic Load Balancer Dashboards
+## Viewing the AWS Classic Load Balancer dashboards
-### 1. AWS Classic Load Balancer - Overview
+### Overview
-**AWS Classic Load Balancer - Overview** dashboard provides visibility into the health of your Classic Load Balancer, with at-a-glance views of latency, request and host status, requests from malicious sources, and HTTP backend codes.
+The **AWS Classic Load Balancer - Overview** dashboard provides visibility into the health of your Classic Load Balancer, with at-a-glance views of latency, request and host status, requests from malicious sources, and HTTP backend codes.
Use this dashboard to:
-* Monitor requests to each load balancer to ensure the load is being distributed as desired
-* Monitor trends for load balancers errors, 4xx and 5xx errors, as well as healthy and unhealthy hosts
-* Monitor the current state across all load balancers via active connections, new connections, backend connection errors, and rejected connections
+* Monitor requests to each load balancer to ensure the load is being distributed as desired.
+* Monitor trends for load balancers errors, 4xx and 5xx errors, as well as healthy and unhealthy hosts.
+* Monitor the current state across all load balancers via active connections, new connections, backend connection errors, and rejected connections.
-})
+
-### 1. AWS Classic Load Balancer - Response Analysis
+### Response Analysis
-**AWS Classic Load Balancer - Response Analysis** dashboard provides insights into how your load balancers respond to clients.
+The **AWS Classic Load Balancer - Response Analysis** dashboard provides insights into how your load balancers respond to clients.
Use this dashboard to:
-* Monitor incoming client locations for all 5XX, 4XX and 3XX error responses.
+* Monitor incoming client locations for all 5XX, 4XX, and 3XX error responses.
* Quickly correlate error responses using load balancer access logs and AWS CloudWatch metrics to determine the possible cause for failures and decide corrective actions.
-})
+
-### 2. AWS Classic Load Balancer - Backend Response Analysis
+### Backend Response Analysis
The **AWS Classic Load Balancer - Backend Response Analysis** dashboard provides insights into how various backend servers respond to client requests.
Use this dashboard to:
* Monitor trends of all response codes for your backend servers by LoadBalancer and availability zones.
-* Correlate response code trends across load balancer access logs and CloudWatch metrics to determine the root cause for failures
+* Correlate response code trends across load balancer access logs and CloudWatch metrics to determine the root cause for failures.
-})
+
-### 3. AWS Classic Load Balancer - Latency Overview
+### Latency Overview
-**The AWS Classic Load Balancer - Latency Overview** dashboard provides insights into load balancers' response times and availability zones, including backend log response times.
+The **The AWS Classic Load Balancer - Latency Overview** dashboard provides insights into load balancers response times and availability zones, including backend log response times.
Use this dashboard to:
* Monitor response times by load balancer, and availability zone.
* Monitor client latency and processing times for backend servers.
-})
+
-### 4. AWS Classic Load Balancer - Latency Details
+### Latency Details
-**The AWS Classic Load Balancer - Latency Details** dashboard provides insights into client latency by domain and ELB server and processing times by ELB server throughout your infrastructure.
+The **The AWS Classic Load Balancer - Latency Details** dashboard provides insights into client latency by domain and ELB server and processing times by ELB server throughout your infrastructure.
-Use this dashboard to:
-* Troubleshoot load balancer performance via detailed views across client, request processing and response time latencies.
+Use this dashboard to troubleshoot load balancer performance via detailed views across client, request processing, and response time latencies.
-})
+
-### 5. AWS Classic Load Balancer - Connection and Host Status
+### Connection and Host Status
-**The AWS Classic Load Balancer - Connection and Host Status** dashboard provides insights into active and rejected connections, backend connection errors, and healthy and unhealthy hosts.
+The **AWS Classic Load Balancer - Connection and Host Status** dashboard provides insights into active and rejected connections, backend connection errors, and healthy and unhealthy hosts.
Use this dashboard to:
-* Monitor active connections, new connections, rejected connections, and connection errors for load balancers
-* Monitor healthy and unhealthy host counts by the load balancer and availability zone across your infrastructure
+* Monitor active connections, new connections, rejected connections, and connection errors for load balancers.
+* Monitor healthy and unhealthy host counts by the load balancer and availability zone across your infrastructure.
-})
+
-### 6. AWS Classic Load Balancer - Requests and Processed Bytes
+### Requests and Processed Bytes
-**AWS Classic Load Balancer - Requests and Processed Bytes** dashboard provides insights into client requests, network traffic, and processed data.
+The **AWS Classic Load Balancer - Requests and Processed Bytes** dashboard provides insights into client requests, network traffic, and processed data.
Use this dashboard to:
-* Monitor client request load, network traffic, and processed bytes to determine how to configure load balancers for optimal performance best
-* Determine how to allocate best backend resources based on load
+* Monitor client request load, network traffic, and processed bytes to determine how to configure load balancers for optimal performance best.
+* Determine how to allocate best backend resources based on load.
-})
+
-### 7. AWS Classic Load Balancer - Threat Intel
+### Threat Intel
-**AWS Classic Load Balancer - Threat Intel** dashboard provides insights into incoming requests from malicious sources determined via [Sumo Logic’s Threat Intel feature](/docs/integrations/security-threat-detection/threat-intel-quick-analysis#threat-intel-faq). Panels show detailed information on malicious IPs and the malicious confidence of each threat
+The **AWS Classic Load Balancer - Threat Intel** dashboard provides insights into incoming requests from malicious sources determined via [Sumo Logic’s Threat Intel feature](/docs/integrations/security-threat-detection/threat-intel-quick-analysis#threat-intel-faq). Dashboard panels show detailed information on malicious IPs and the malicious confidence of each threat.
Use this dashboard to:
-* Identify known malicious IPs that are accessing your load-balancers and use firewall access control lists to prevent them from sending you traffic going forward
+* Identify known malicious IPs that are accessing your load-balancers and use firewall access control lists to prevent them from sending you traffic going forward.
* Monitor malicious confidence level for all incoming malicious IP addresses posing the threats.
-})
+
+
+### CloudTrail Audit
+
+The **AWS Classic Load Balancer - CloudTrail Audit** dashboard provides a comprehensive overview of activities through CloudTrail audit logs. It visualizes successful and failed events globally, event trends, error details, and user activities, offering insights into load balancer performance, security, and usage patterns.
+
+Use this dashboard to:
+* Monitor the geographical distribution of successful and failed load balancer events, allowing for quick identification of regions with high activity or potential issues.
+* Track the overall success rate of load balancer events and analyze trends over time, helping to identify sudden changes or patterns in the performance.
+* Investigate specific error events, including their details, frequency, and associated users, enabling faster troubleshooting and resolution of issues.
+* Identify the most common error types and the users experiencing highest failure rates, facilitating targeted improvements and user support.
+
+})
\ No newline at end of file
diff --git a/docs/integrations/amazon-aws/network-load-balancer.md b/docs/integrations/amazon-aws/network-load-balancer.md
index bdb3aec759..ef9475a0a7 100644
--- a/docs/integrations/amazon-aws/network-load-balancer.md
+++ b/docs/integrations/amazon-aws/network-load-balancer.md
@@ -40,6 +40,29 @@ Namespace for **Amazon Network Load Balancer** Service is **AWS/NetworkELB.**
1. Search for the “**networkloadbalancer**” field.
1. If not present, create it. Learn how to create and manage fields [here](/docs/manage/fields.md#manage-fields).
+### Field Extraction Rule(s)
+
+Create Field Extraction Rule for AWS Network Load Balancer Access Logs. Learn how to create Field Extraction Rule [here](/docs/manage/field-extractions/create-field-extraction-rule).
+
+#### Create/Update Field Extraction Rule(s) for Network Load Balancer CloudTrail logs
+
+```sql
+Rule Name: AwsObservabilityNLBCloudTrailLogsFER
+Applied at: Ingest Time
+Scope (Specific Data): account=* eventSource eventName "elasticloadbalancing.amazonaws.com" "2015-12-01"
+```
+
+```sql title="Parse Expression"
+json "eventSource", "awsRegion", "recipientAccountId", "requestParameters.name", "requestParameters.type", "requestParameters.loadBalancerArn", "apiVersion" as event_source, region, accountid, networkloadbalancer, loadbalancertype, loadbalancerarn, api_version nodrop
+|"" as namespace
+| where event_source = "elasticloadbalancing.amazonaws.com" and api_version matches "2015-12-01"
+| parse field=loadbalancerarn ":loadbalancer/*/*/*" as balancertype, networkloadbalancer, f1 nodrop
+| if(loadbalancertype matches "network", "aws/nlb", if(balancertype matches "net", "aws/nlb", namespace)) as namespace
+| if(loadbalancertype matches "application", "aws/applicationelb", if(balancertype matches "app", "aws/applicationelb", namespace)) as namespace
+| where namespace="aws/nlb" or isEmpty(namespace)
+| toLowerCase(networkloadbalancer) as networkloadbalancer
+| fields region, namespace, networkloadbalancer, accountid
+```
### Metric Rules
@@ -55,15 +78,13 @@ Save it
## Installing the AWS Network Load Balancer app
-This section has instructions for installing the Sumo Logic app for **AWS Network Load Balancer** and descriptions of each of the app dashboards along with associated use cases.
-
Now that you have set up a collection for **AWS Network Load Balancer**, install the Sumo Logic app to use the pre-configured dashboards that provide visibility into your environment for real-time analysis of overall usage.
import AppInstall from '../../reuse/apps/app-install.md';
-## Viewing AWS Network Load Balancer Dashboards
+## Viewing AWS Network Load Balancer dashboards
import FilterDashboards from '../../reuse/filter-dashboards.md';
@@ -71,80 +92,79 @@ import FilterDashboards from '../../reuse/filter-dashboards.md';
### Overview
-**The AWS Network Load Balancer - Overview** dashboard provides detailed insights into a view of network utilization and performance. The dashboard provides information about the errors, health, and traffic handled by the load balancer.
+The **The AWS Network Load Balancer - Overview** dashboard provides detailed insights into a view of network utilization and performance. The dashboard provides information about the errors, health, and traffic handled by the load balancer.
Use this dashboard to:
* Get an at-a-glance view of the number of errors and status of backend hosts.
* Identify load balancers with the most number of unhealthy hosts.
* Monitor trends around active connections, bytes processed, and reset packets to ensure load balancers are operating as expected.
-})
+
### Active and New Flows
-**The AWS Network Load Balancer - Active and New Flows** dashboard provides detailed insights for new flows, and active flows for TCP, TLS, and UDP traffic.
+The **AWS Network Load Balancer - Active and New Flows** dashboard provides detailed insights for new flows, and active flows for TCP, TLS, and UDP traffic. Use this dashboard to to monitor trends around active and new flows (connections) to make sure they line up with expectations, then use this information to scale up/scale down backend hosts.
-Use this dashboard to:
-* Monitor trends around active and new flows (connections) to make sure they line up with expectations and then use that information to scale up/scale down backend hosts.
-
-})
+
### Host Health Status
-
-**The AWS Network Load Balancer - Host Health Status** dashboard provides detailed insights into the number of healthy and unhealthy hosts.
+The **AWS Network Load Balancer - Host Health Status** dashboard provides detailed insights into the number of healthy and unhealthy hosts.
Use this dashboard to:
* Get a quick overview of the number of healthy and unhealthy hosts.
* Monitor trends around the number of unhealthy hosts to spot potential service disruptions that could warrant deeper investigation.
-})
-
-
+
### Errors
-**The AWS Network Load Balancer - Errors** dashboard provides detailed insights into the errors reported by the network load balancer. This dashboard shows information for the total number of TLS handshakes that failed during negotiation between a client and a TLS listener, and the total number of TLS handshakes that failed during negotiation between a TLS listener and a target.
+The **AWS Network Load Balancer - Errors** dashboard provides detailed insights into the errors reported by the network load balancer. This dashboard shows information for the total number of TLS handshakes that failed during negotiation between a client and a TLS listener, and the total number of TLS handshakes that failed during negotiation between a TLS listener and a target.
Use this dashboard to:
* Monitor TLS handshake errors during negotiation between a client and a TLS listener, which could happen if clients are sending an incorrect cipher or are using incorrect protocols not matching the one specified in the security policy. It’s recommended to use the most recent AWS CLI client version.
* Monitor TLS handshake errors during negotiation between a TLS listener and a target. Possible causes for this error include a mismatch of ciphers or protocols.
-})
-
+
### Reset (RST) Packets
+The **AWS Network Load Balancer - Reset (RST) Packets** dashboard provides detailed insights into the number reset (RST) packets received by the network load balancer. The dashboard shows the information for the total number of reset (RST) packets sent from a client to a target , the total number of reset (RST) packets generated by the load balancer, and the total number of reset (RST) packets sent from a target to a client.
-**The AWS Network Load Balancer - Reset (RST) Packets** dashboard provides detailed insights into the number reset (RST) packets received by the network load balancer. The dashboard shows the information for the total number of reset (RST) packets sent from a client to a target , the total number of reset (RST) packets generated by the load balancer, and the total number of reset (RST) packets sent from a target to a client.
-
-Use this dashboard to:
-* To monitor the number of RST packets. A high number of reset packets could indicate connections are getting dropped and could mean a disruption in service.
+Use this dashboard to monitor the number of RST packets. A high number of reset packets could indicate connections are getting dropped and could mean a disruption in service.
-})
+
### Processed Bytes
-**The AWS Network Load Balancer - Processed Bytes** dashboard provides detailed insights into the amount of bytes processed by the load balancer for total, UDP, TCP and TLS traffic.
+The **AWS Network Load Balancer - Processed Bytes** dashboard provides detailed insights into the amount of bytes processed by the load balancer for total, UDP, TCP and TLS traffic. Use this dashboard to monitor trends around processed bytes to make sure they line up with expectations and then use that information to scale up or scale down backend hosts.
-Use this dashboard to:
-* Monitor trends around processed bytes to make sure they line up with expectations and then use that information to scale up or scale down backend hosts.
-
-})
+
### Consumed LCUs
-The **AWS Network Load Balancer - Consumed LCUs** dashboard shows you the total number of load balancer capacity units (LCU) used by your load balancer by network protocol.
+The **AWS Network Load Balancer - Consumed LCUs** dashboard shows you the total number of load balancer capacity units (LCU) used by your load balancer by network protocol. Use this dashboard to optimize load balancer costs by monitoring trends around the number of load balancer capacity units (LCU) used by network protocol.
+:::note
You pay for the number of LCUs that you use per hour.
+:::
+
+})
+
+### CloudTrail Audit
+
+The **AWS Network Load Balancer - CloudTrail Audit** dashboard provides a comprehensive overview of AWS Network Load Balancer activities through CloudTrail audit logs. It visualizes successful and failed events globally, event trends, error details, and user activities, offering insights into load balancer performance, security, and usage patterns.
Use this dashboard to:
-* Optimize load balancer costs by monitoring trends around the number of load balancer capacity units (LCU) used by network protocol.
+* Monitor the geographical distribution of successful and failed load balancer events, allowing for quick identification of regions with high activity or potential issues.
+* Track the overall success rate of load balancer events and analyze trends over time, helping to identify any sudden changes or patterns in performance.
+* Investigate specific error events, including their details, frequency, and associated users, enabling faster troubleshooting and resolution of issues.
+* Identify the most common error types and the users experiencing highest failure rates, facilitating targeted improvements and user support.
-
+})
diff --git a/static/img/integrations/amazon-aws/AWS-Application-Load-Balancer-CloudTrail-Audit.png b/static/img/integrations/amazon-aws/AWS-Application-Load-Balancer-CloudTrail-Audit.png
new file mode 100644
index 0000000000..d600b93ffb
Binary files /dev/null and b/static/img/integrations/amazon-aws/AWS-Application-Load-Balancer-CloudTrail-Audit.png differ
diff --git a/static/img/integrations/amazon-aws/AWS-Classic-Load-Balancer-CloudTrail-Audit.png b/static/img/integrations/amazon-aws/AWS-Classic-Load-Balancer-CloudTrail-Audit.png
new file mode 100644
index 0000000000..861b60e972
Binary files /dev/null and b/static/img/integrations/amazon-aws/AWS-Classic-Load-Balancer-CloudTrail-Audit.png differ
diff --git a/static/img/integrations/amazon-aws/AWS-Network-Load-Balancer-CloudTrail-Audit.png b/static/img/integrations/amazon-aws/AWS-Network-Load-Balancer-CloudTrail-Audit.png
new file mode 100644
index 0000000000..a1c5443e12
Binary files /dev/null and b/static/img/integrations/amazon-aws/AWS-Network-Load-Balancer-CloudTrail-Audit.png differ