Network Firewall logging configuration.
Use this configuration to define logging destinations for Network Firewall.
You can configure AWS Network Firewall logging for your firewall's stateful engine.
Logging gives you detailed information about network traffic, including the time that
the stateful engine received a packet, detailed information about the packet, and any
stateful rule action taken against the packet. The logs are published to the log destination
that you've configured, where you can retrieve and view them.
NetworkConfig / CentralNetworkServicesConfig / NfwConfig / NfwFirewallConfig / NfwLoggingConfig
Network Firewall logging configuration. Use this configuration to define logging destinations for Network Firewall. You can configure AWS Network Firewall logging for your firewall's stateful engine. Logging gives you detailed information about network traffic, including the time that the stateful engine received a packet, detailed information about the packet, and any stateful rule action taken against the packet. The logs are published to the log destination that you've configured, where you can retrieve and view them.
See
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-loggingconfiguration-logdestinationconfig.html
The following example configures Network Firewall to send ALERT-level logs to S3:
Example