Monitoring Firewalls

Monitor the health, capacity, and performance of your firewalls by using metrics, alarms, and notifications.

This topic describes the metrics emitted by the metric namespace oci_network_firewall.

Available metrics: oci_network_firewall

The metrics in the following table are available for any firewall you create. You don't need to enable monitoring on the resource to get these metrics. However, you must have the firewall set up with network traffic passing through it to make the oci_network_firewall metric space available in the Metrics Explorer. Firewalls without network traffic emit no metric data.

Each metric includes one or more of the following dimensions:

resourceID: The OCID of the firewall.
resourceName: The name of the firewall.
ruleName: The name of the firewall policy rule.


Metric	Metric display name	Unit	Description	Dimensions	Frequency
`Decryption RuleHitCount`	Decryption rule hits	count	The number of times a connection matches a decryption rule.	`resourceID` `ruleName` `resourceName`	5 minutes
`ICMPFragmentAttacksCount`	ICMP fragment attacks	count	The number of ICMP fragment attacks detected.	`resourceID` `resourceName`	5 minutes
`IPSpoofCount`	IP spoof	count	Number of IPI spoof attacks detected.	`resourceID` `resourceName`	5 minutes
`LandAttacksCount`	Land attacks	count	The number of land attacks detected.	`resourceID` `resourceName`	5 minutes
`MacSpoofCount`	Mac spoof	count	The number of MAC spoof attacks detected.	`resourceID` `resourceName`	5 minutes
`PacketReceivedCount`	Packets received	count	The number of packets received at the firewall from the network, after drops.	`resourceID` `resourceName`	5 minutes
`PacketReceivedInErrorCount`	Packets received in error	count	Number of packets received through the firewall that have errors.	`resourceID` `resourceName`	5 minutes
`PacketSentCount`	Packets sent	count	The number of packets sent from the firewall to the network, after drops.	`resourceID` `resourceName`	5 minutes
`PingOfDeathAttacksCount`	Ping of death attacks	count	The number of ping of death attacks detected.	`resourceID` `resourceName`	5 minutes
`SecurityRuleHitCount`	Security rule hits	count	The number of times a connection matches a security rule.	`resourceID` `ruleName` `resourceName`	5 minutes
`TeardropAttacksCount`	Teardrop attacks	count	The number of teardrop attacks detected.	`resourceID` `resourceName`	5 minutes

Oracle Cloud Infrastructure Documentation

Monitoring Firewalls

Available metrics: oci_network_firewall

See also