USM Anywhere™: Configuring AWS Log Collection
Section outline
-
Welcome to the Configuring AWS Log Collection course.
This course demonstrates how to configure your AWS environment to collect and forward logs to a USM Anywhere sensor using AWS CloudTrail, AWS VPC Flow Logs, and the AWS CloudWatch agent.
After completing this course, students will be able to configure log collection in their AWS environment to forward logs to a USM Anywhere sensor..
This course should take approximately 30 minutes to complete.
Notice: These training documents are protected by the United States copyright laws and are proprietary to LevelBlue Intellectual Property. Sale, disclosure, copying, recording, reproduction, merger, translation, modification, enhancement, or use by anyone other than authorized individuals without the prior written consent of LevelBlue Intellectual Property is strictly prohibited.
©2024 LevelBlue Intellectual Property. LevelBlue logo, and registered trademarks and service marks of LevelBlue Intellectual Property and/or LevelBlue affiliated companies. All other marks are the property of their respective owners.
-
Please consult our FAQ on Course Navigation for help consuming this material.
Course Completion: Upon completion of a module please click the Mark as done button
Getting Support: Please view our Frequently Asked Questions.
-
-
Students mustMark as done
This video demonstrates how to configure AWS to capture CloudTrail Logs which monitors account activity from your environment. You will then see how USM Anywhere is configured to retrieve and analyse this information to create events.
-
-
-
Students mustMark as done
This video demonstrates how to configure AWS CloudWatch Agent on an asset so it will send its logs to CloudWatch. You will also create a role to allow the asset communicate with CloudWatch on AWS. You will then see how USM Anywhere is configured to retrieve and analyse this information to create events.
-
-
-
Students mustMark as done
This video demonstrates how to configure AWS to capture VPC Flow Logs which represent network information from your environment. You will see how to use the role created in Configuring CloudWatch Agent to store the VPC Flow Logs in CloudWatch on AWS. You will then see how USM Anywhere is configured to retrieve and analyse this information to create events.
-
-
If you would like a provide feedback on the material or the platform, please complete our Survey.
If you would like a certificate for your records, please select the Download Certificate icon. The option will not become available until you have completed all modules of the training course.