Skip to content

AWS VPC Flow

Chronicle supports the ingestion of AWS VPC Flow logs via a S3 Bucket.

Chronicle Data Types

  • AWS_VPC_FLOW

Configuration

  1. Create a new S3 bucket for the VPC Flow Logs to be stored in. Feel free to follow this AWS Guide. If you already have a S3 bucket setup you can use the existing bucket.
  2. Follow this AWS Guide on how to setup VPC Flow Logs into your S3 Bucket.
  3. Once the VPC Flow Logs are flowing into your S3 bucket follow the AWS S3 Bucket guide on how to create a IAM user for CYDERES that can access this S3 bucket.