AWS CloudTrail¶
Google SecOps supports the ingestion of AWS CloudTrail logs via an S3 Bucket
Chronicle Data Types¶
- AWS_CLOUDTRAIL
Configuration¶
- Follow the Google SecOps Guide to configure AWS CloudTrail, S3 and other AWS services to ingest AWS CloudTrail logs
- If you already have an existing S3 bucket, continue with the second step from the same guide to set up the required AWS SQS queue and supporting services to enable CloudTrail log ingestion