- Collect and store logs with the Host Log Collector add-on product
- To specifically collect CloudTrail logs, see Collect and view CloudTrail logs in AMP.
View the security status of your instance in the Virtual Machines screen
While all instances from your public cloud account will appear in the Virtual Machines screen, you should only focus on the security status for the instances that contain the Armor agent.
- Add AWS Security Hub feature to your public cloud account.
Currently, the Cloud Connections screen supports Amazon Web Services (AWS).
You can use this screen to collect CloudTrail logs and EC2 instance logs.
The Cloud Connections screen displays the public cloud accounts you have synced.
This column displays the descriptive name for your account.
You can also click the arrow to see which Armor services are associated with the account.
|Provider||This column displays the public cloud provider.|
This column displays the ID for your public cloud account.
|Status||This column displays the connection status between your Armor accounts and your public cloud account.|
- In the Armor Management Portal (AMP), in the left-side navigation, click Infrastructure.
- Click Virtual Machines.
|Name||The name of the instance from your public cloud account|
|Type||The type of instance, specific to the offerings offered by your public cloud provider, such as en EC2 instance for AWS|
|Provider||The public cloud provider for the instance|
The operating system associated with the instance
(For AWS, the associated AMI is listed)
|Date Created||The date the instance was created in your public cloud account|
The security group that corresponds to your AWS instance.
The keypair that corresponds to your AWS instance.
The security status of the instance, in relation to the installed agent. There are three states:
|Power||The power status of the instance, either powered on (green) or powered off (red)|