Skip to content

AWS VPC Flow

Cyderes supports the ingestion of AWS VPC Flow logs via a S3 Bucket.

Chronicle Data Types

  • AWS_VPC_FLOW

Configuration

  1. Create a new S3 bucket to store VPC Flow Logs. A pre-existing S3 bucket may also be used. This guide AWS Guide can be followed.
  2. Follow AWS Guide for instructions on how to setup VPC Flow Logging to an S3 Bucket
  3. Confirm VPC Flow Logs are flowing into the S3 bucket
  4. Follow the AWS S3 Bucket guide to create an IAM user for Cyderes that can access the S3 bucket
  5. Provide the authentication information to Cyderes per the AWS S3 Bucket Guide