Log Depot for AWS CloudTrail logs
In the Armor Management Portal (AMP), you can use the existing Log Depot add-on product to collect CloudTrail logs from AWS.
After a successful configuration, the CloudTrail logs will appear in the Log Management screen in AMP.
At a high-level, to collect and view CloudTrail logs, you must:
- Order the Log Depot add-on product in the Log Management screen.
- Add an AWS account to Armor in the Cloud Connections screen.
- Create an S3 bucket and policy in the AWS console.
- Set up CloudTrail in the AWS console.
To learn how to collect CloudTrail logs, see test 1.
In the Armor Management Portal (AMP), the newly created Cloud Connections screen allows you to sync your public cloud account with AMP.
After a successful sync, the instances for that public account will appear in the Virtual Machines screen in AMP. Similarly, the Virtual Machines screen has been updated to include new columns to support Amazon EC2 instances.
In this launch, the Cloud Connections screen only supports AWS accounts. To learn how to sync your AWS account with Cloud Connections, see ANYWHERE Cloud Connections.