Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Current »

The 8.6.0 release contains the following dashboards for cloud based systems.

image-20240130-060011.png

The Amazon dashboards are covering the following categories.

  • AWS cloud trail log activity

    • Each widget details a specific log type to be reported on, such as

      • Cloud Trail Log Activity -

      • Event by name

      • SRC ADDR the source address of the activity either FQDN or IP as provided in the event

      • User Name - the user that triggered the event

      • User type - the user role and type

      • User agent -

      • Lambda Cold Start Events by Username -

      • Customer Allocated IP Address Reports -

      • Events using Stolen Lambda Credentials -

    • Some examples of the dashboards for this area is below.

    • image-20240206-072404.png

  • AWS Flow logs

    • The specific log types in the widgets are for VPC flow activity

      • Logs Activity -

      • logs by system -

      • logs Action -

      • Logs DestAddr -

      • Logs Dest Port

      • Logs Protocol -

      • Logs SrcAddr -

      • Logs Src Port -

    • Some examples of the dashboard items are below

    • image-20240206-073506.png

  • AWS WAF logs

    • The specific log types in the widgets are for WAF activity.

      • Log Activity over time -

      • Log Activity by System -

      • Log Activity Client IP

      • Log HTTP Source -

      • Log HTTP Method -

      • Log Action -

      • Log Network Port -

      • Log Country of origin -

    • Some example of the dashboard items are below.

    • image-20240206-073518.png

  • No labels