Skip to content

Configuration Manual for Collector "Tencent Cloud-WAF"

Before reading this article, please read the following first:

Before using this collector, you must install the «Integration Core Package» and its associated third-party dependency packages

1. Configuration Structure

The configuration structure of this collector is as follows:

Field Type Required Description
regions list Required List of regions to collect data from
regions[#] str Required Region ID. For example: 'ap-guangzhou'
Refer to appendix for full list

2. Configuration Example

Specify Region

Collect data from Shanghai region

Python
1
2
3
collector_configs = {
    'regions': [ 'ap-guangzhou' ]
}

Configure Filters (Optional)

This collector script supports user-defined filters, allowing users to filter target resources by object properties. The filter function returns True or False: - True: The target resource needs to be collected. - False: The target resource does not need to be collected.

Supported object properties for filtering:

Property Description
DomainId Domain ID
Domain Domain name
InstanceId Instance ID
InstanceName Instance name
Edition Instance type of the domain
Cname Cname address
ClsStatus Access log switch status
FlowMode Load balancing WAF usage mode
Status WAF switch status
Engine Combined status of rule engine and AI engine protection
AppId User ID
State Listener status of load balancing WAF domain
Level Instance version information
Python
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
# Example: Enable filters, filter based on DomainId and Status properties of the object, with configuration format as follows:

def filter_instance(instance):
    '''
    return True|False
    '''
    domain_id = instance['DomainId']
    status = instance['Status']
    if domain_id in ['xxx'] and status == 1:
        return True
    return False

###### Do not modify the following contents #####
from guance_integration__runner import Runner
import guance_tencentcloud_waf__main as main

def run():
    Runner(main.DataCollector(account, collector_configs, filters=[filter_instance])).run()

3. Data Reporting Format

After data synchronization is successful, you can view the data in the «Infrastructure - Resource Catalog» section of {{( brand_name }}}.

Example of reported data:

JSON
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
{
    "measurement": "tencentcloud_waf",
    "tags": {
        "name"        : "waf-xxxx",
        "RegionId"    : "ap-guangzhou",
        "DomainId"    : "waf-xxxx",
        "Domain"      : "www.xxx.com",
        "InstanceId"  : "waf-yyyy",
        "Edition"     : "clb-waf",
        "Cname"       : "f123db7d0817dc9c7a26e8c2d072xxx",
        "InstanceName": "Main Instance Guangzhou",
        "ClsStatus"   : "1",
        "FlowMode"    : "1",
        "Status"      : "1",
        "Engine"      : "21",
        "AppId"       : "123456789",
        "State"       : "0",
        "Level"       : "3"
    },
    "fields": {
        "CCList"         : "{Sandbox cluster back-to-source export IP list}",
        "RsList"         : "{Production cluster back-to-source export IP list}",
        "Ports"          : "{Service port configuration}",
        "LoadBalancerSet": "{Load balancer related configuration}",
        "Note"           : "Notes",
        "SrcList"        : "{SAASWAF origin station IP list}",
        "CreateTime"     : "2023-10-16 08: 53: 47",
        "message"        : "{Instance JSON data}"
    }
}

Fields in tags and fields may change with subsequent updates

The value of tags.name is the instance ID, used as a unique identifier

fields.message and fields.InstanceNode are strings after JSON serialization

X. Appendix

Please refer to the official Tencent Cloud documentation: