CYDERES supports the ingestion of AWS CloudWatch logs via an S3 bucket.
CloudWatch collects monitoring and operational data in the form of logs, metrics, and events, providing you with a unified view of AWS resources, applications, and services that run on AWS and on-premises servers.
Chronicle Data Types
Create a new S3 bucket to store CloudWatch logs. If you already have an S3 bucket set up, you can use the existing bucket. This AWS Guide will help you learn about sending your CloudWatch logs to your S3 bucket.
Follow this to learn more about setting up an S3 bucket.
Once CloudWatch is running and its logs are confirmed to be flowing into your S3 bucket, follow the AWS S3 Bucket guide above to create an IAM user for CYDERES that can access this S3 bucket.
Send the following to CYDERES when the S3 setup is completed:
- IAM Role ARN
- IAM ExternalID
- S3 Bucket Name
- S3 Bucket File Path
- S3 Region
- Log Types
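
The role ARN, ExternalID, bucket name and file path listed above fit together as a cross-account role whose trust policy requires the ExternalID and whose permissions cover only the log path. The sketch below is an added example, not CYDERES's own policy: the principal ARN, bucket, path and ExternalID are constructed placeholders, and read-only access (`s3:GetObject`, `s3:ListBucket`) is an assumption about what ingestion needs.

```python
import json

def build_role_policies(bucket, file_path, external_id, trusted_principal_arn):
    """Return (trust_policy, access_policy) for a read-only cross-account role."""
    if not external_id:
        raise ValueError("an ExternalID is required for third-party role assumption")
    prefix = file_path.strip("/")
    # Scope object reads and listing to the log path, not the whole bucket.
    key_pattern = f"{prefix}/*" if prefix else "*"
    trust_policy = {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"AWS": trusted_principal_arn},
            "Action": "sts:AssumeRole",
            "Condition": {"StringEquals": {"sts:ExternalId": external_id}},
        }],
    }
    access_policy = {
        "Version": "2012-10-17",
        "Statement": [
            {"Effect": "Allow", "Action": "s3:GetObject",
             "Resource": f"arn:aws:s3:::{bucket}/{key_pattern}"},
            {"Effect": "Allow", "Action": "s3:ListBucket",
             "Resource": f"arn:aws:s3:::{bucket}",
             "Condition": {"StringLike": {"s3:prefix": [key_pattern]}}},
        ],
    }
    return trust_policy, access_policy

def trust_policy_findings(trust_policy):
    """List problems a reviewer should reject before sharing the role ARN."""
    findings = []
    for stmt in trust_policy.get("Statement", []):
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal", {})
        aws = principal.get("AWS") if isinstance(principal, dict) else principal
        if aws == "*":
            findings.append("wildcard principal")
        if not stmt.get("Condition", {}).get("StringEquals", {}).get("sts:ExternalId"):
            findings.append("no sts:ExternalId condition")
    return findings

if __name__ == "__main__":
    # Constructed placeholder values; substitute the ones agreed with CYDERES.
    trust, access = build_role_policies(
        "example-cloudwatch-logs", "/cloudwatch/exports/",
        "EXAMPLE-EXTERNAL-ID", "arn:aws:iam::111122223333:root")
    print(json.dumps({"trust": trust, "access": access}, indent=2))
    print("findings:", trust_policy_findings(trust))
```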