If this monitor isn’t pulling any evidence, it’s usually because no WebACLs exist or the existing WebACLs contain no rules.
🔍 Why This Happens
The "Web application firewall Configuration" monitor checks your WebACLs for active rules.
If WebACLs are present but contain no rules, the monitor will return no data. It does not evaluate the ACLs themselves—only the rules within them.
✅ What You Need to Do
- Sign in to the AWS Console
- Navigate to WAF & Shield
- Check if any WebACLs exist
  - If no WebACLs exist: This is the reason the monitor shows no data
  - If WebACLs do exist:
    - Click into each one
    - Confirm that at least one rule is configured
🛠️ Next Step
If no rules are present, add at least one rule to your WebACL(s).
Wait a few minutes for the monitor to sync—once a rule is detected, data will start appearing.
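
The console check above can also be scripted; this added example (not part of the original article and not the monitor's own code) lists each WebACL with its rule count through the WAFv2 API calls `list_web_acls` and `get_web_acl`. It assumes WAFv2 rather than WAF Classic, counts only each WebACL's own `Rules` list, and runs against a constructed `SampleWaf` stub so it works without AWS access; `audit_web_acls`, `diagnose` and `SampleWaf` are names invented here.

```python
"""Find WAFv2 WebACLs that have no rules (or confirm that none exist)."""


def audit_web_acls(client, scope="REGIONAL"):
    """Return [(web_acl_name, rule_count)] for every WebACL in `scope`.

    `client` is boto3.client("wafv2") or any object with the same
    list_web_acls / get_web_acl methods.
    """
    results, marker = [], None
    while True:
        kwargs = {"Scope": scope, "Limit": 100}
        if marker:
            kwargs["NextMarker"] = marker
        page = client.list_web_acls(**kwargs)
        summaries = page.get("WebACLs", [])
        for s in summaries:
            acl = client.get_web_acl(Name=s["Name"], Scope=scope, Id=s["Id"])
            results.append((s["Name"], len(acl["WebACL"].get("Rules", []))))
        marker = page.get("NextMarker")
        if not marker or not summaries:  # last page reached
            return results


def diagnose(results):
    """Map the audit onto the two causes the article lists."""
    if not results:
        return "no WebACLs exist", []
    empty = [name for name, count in results if count == 0]
    if empty:
        return "WebACLs without rules", empty
    return "every WebACL has at least one rule", []


class SampleWaf:
    """Constructed stand-in for the WAFv2 client: two WebACLs, one empty."""
    acls = {"id-1": ("prod-acl", [{"Name": "rate-limit"}]), "id-2": ("staging-acl", [])}

    def list_web_acls(self, **kwargs):
        return {"WebACLs": [{"Name": n, "Id": i} for i, (n, _) in self.acls.items()]}

    def get_web_acl(self, Name, Scope, Id):
        return {"WebACL": {"Name": Name, "Rules": self.acls[Id][1]}}


if __name__ == "__main__":
    # For a real account: import boto3; client = boto3.client("wafv2")
    # (use scope="CLOUDFRONT" with region us-east-1 for CloudFront WebACLs).
    found = audit_web_acls(SampleWaf())
    print(found, diagnose(found))
```

Any WebACL named in the second element of the `diagnose` result is one to open in the console and add a rule to.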