Configuring Cloud Security Plus to collect AWS log data

• Adding an AWS account in Cloud Security Plus
• Adding CloudTrail as a data source in Cloud Security Plus
• Adding S3 server access logs as a data source in Cloud Security Plus

Adding an AWS account in Cloud Security Plus

• Click on "Cloud Account Settings".
• Click on "Add Cloud Account".
• Select the Cloud Type as AWS.
• Enter a Display name in the given box.
• Enter the following details to enable Cloud Security Plus to start collecting Azure activity logs
  • Access Key
  • Secret Access Key
• Click “Save.”

Adding CloudTrail as a data source in Cloud Security Plus

1. Click on “Cloud Account Settings.”
2. Select your Cloud Account.
3. Click on “Add Data Source.”
4. Select “CloudTrail” from the drop-down list of Data source types.
5. Choose the appropriate geographical region from the given list.
6. Select the URL for the SQS that you have created.

7. Click on “Save.”

   

Adding S3 server access logs as a data source in Cloud Security Plus

1. Click on “Cloud Account Settings.”
2. Select your Cloud Account.
3. Click on “Add Data Source.”
4. Select “S3 server access logs” from the drop-down list of Data source types.
5. Select the “S3 Bucket” for which you want to enable access logging from the drop-down list.
6. Click on “Save.”