
AWS

Log index

Instruction

alb, elb

Ensure that logging for ALB/ELB is on and that logs are being stored in an S3 bucket. Grant Cloudaware access to this bucket (s3:GetObject and s3:ListObject permissions).

aws-config

Enable AWS Config as described at https://docs.aws.amazon.com/config/latest/developerguide/getting-started.html

Ensure that Cloudaware has been granted the permission config:Des* (or, at minimum, config:DescribeDeliveryChannels).

billing

Ensure that your billing integration is set up according to the guide (the AWS account your billing is consolidated under and the S3 bucket where billing files are stored should both be present in Cloudaware).

cloudfront

Enable logging as described here

Ensure that logs are being stored in an S3 bucket. Grant Cloudaware access to this bucket (s3:GetObject and s3:ListObject permissions).

cloudtrail


Ensure CloudTrail is enabled and the CloudTrail data is accessible (the bucket should be present in Cloudaware).

eks-logs

Ensure logging for Amazon EKS is enabled as described at https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html

Ensure that Cloudaware has been granted the permissions logs:DescribeLogGroups, logs:DescribeLogStreams, logs:GetLogEvents.

aws-rds

Cloudaware tracks both RDS logs in CloudWatch and events from the DB instance. Ensure that Cloudaware has the following permissions*:

For logs from CloudWatch: logs:DescribeLogGroups, logs:DescribeLogStreams, logs:GetLogEvents.

For logs from DB instance: rds:DescribeDBInstances, rds:DescribeDBLogFiles, rds:DownloadCompleteDBLogFile, rds:DownloadDBLogFilePortion.

*These permissions are predefined in the Cloudaware Conflux Collector policy.

route53

Ensure that logging for DNS queries is enabled: https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/query-logs.html#query-logs-configuring

s3-access-logs

Ensure that logging for S3 is enabled: https://docs.aws.amazon.com/AmazonS3/latest/user-guide/server-access-logging.html

vpc-flow-logs

Ensure that logging for the network interface of the VPC is enabled: https://aws.amazon.com/blogs/aws/vpc-flow-logs-log-and-view-network-traffic-flows/

waf-logs

Ensure that WAF logs are being stored in an S3 bucket. Grant Cloudaware access to this bucket (kinesis:DescribeStream and kinesis:ListStreams permissions should be in place, along with s3:ListBucket and s3:GetObject).
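
An added example (not part of the original page and not Cloudaware's own code): an offline check that an IAM policy document covers the actions listed above for aws-config, eks-logs, aws-rds and waf-logs, including wildcard grants such as config:Des*. The function names and the sample policy are assumptions constructed for illustration.

```python
import fnmatch

# IAM actions the page lists per log index (only rows that name explicit actions).
_CW = ["logs:DescribeLogGroups", "logs:DescribeLogStreams", "logs:GetLogEvents"]
REQUIRED = {
    "aws-config": ["config:DescribeDeliveryChannels"],
    "eks-logs": _CW,
    "aws-rds": _CW + ["rds:DescribeDBInstances", "rds:DescribeDBLogFiles",
                      "rds:DownloadCompleteDBLogFile", "rds:DownloadDBLogFilePortion"],
    "waf-logs": ["kinesis:DescribeStream", "kinesis:ListStreams",
                 "s3:ListBucket", "s3:GetObject"],
}

def _as_list(value):
    return [value] if isinstance(value, str) else list(value or [])

def _covered(action, patterns):
    # IAM action names are case-insensitive and accept * and ? wildcards.
    return any(fnmatch.fnmatchcase(action.lower(), p.lower()) for p in patterns)

def missing_actions(policy, index):
    """Return required actions for `index` that the policy does not allow.

    Only Effect and Action are evaluated. Resource, Condition and NotAction are
    ignored, so any matching Deny counts as a block (conservative) and resource
    scoping still needs a manual review.
    """
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):  # a single statement may be a bare object
        statements = [statements]
    allow, deny = [], []
    for stmt in statements:
        actions = _as_list(stmt.get("Action"))
        if stmt.get("Effect") == "Allow":
            allow += actions
        elif stmt.get("Effect") == "Deny":
            deny += actions
    return [a for a in REQUIRED[index] if not _covered(a, allow) or _covered(a, deny)]

# Constructed sample policy: wildcard grants, one RDS gap, and a Deny on Kinesis.
SAMPLE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Resource": "*", "Action": [
        "config:Des*", "logs:Describe*", "logs:GetLogEvents", "rds:Describe*",
        "rds:DownloadDBLogFilePortion", "kinesis:DescribeStream",
        "kinesis:ListStreams", "s3:ListBucket", "s3:GetObject"]},
    {"Effect": "Deny", "Resource": "*", "Action": "kinesis:*"},
]}

if __name__ == "__main__":
    for index in REQUIRED:
        gaps = missing_actions(SAMPLE_POLICY, index)
        print(f"{index:12}", "OK" if not gaps else "missing: " + ", ".join(gaps))
```

An empty result means the action names are covered; it does not confirm that the Resource element points at the right bucket, stream or log group.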

Azure

Log index

Instruction

azure-activity

Ensure that the Reader role has been assigned to Cloudaware based on the guide

azure-billing

Ensure that your billing integration is set up according to the guide

azure-flowlogs

Ensure that a custom role has been created for Cloudaware to have 'read' access to Storage Account keys (Microsoft.Storage/storageAccounts/listKeys/action permission)

Google Cloud

Log index

Instruction

google-audit-

Ensure that Cloud logging is enabled: https://cloud.google.com/logging/docs/audit/

Host Level

Log index

Instruction

metricbeat

Ensure Breeze is installed on a host. Ensure the outbound connection to port 8443 is open on your Conflux node*. WARNING: once enabled, metricbeat may generate a significant number of logs.

winlogbeat

Ensure Breeze is installed on a host. Ensure the outbound connection to port 8443 is open on your Conflux node*. WARNING: once enabled, winlogbeat may generate a significant number of logs.

filebeat

Ensure Breeze is installed on a host. Ensure the outbound connection to port 8443 is open on your Conflux node*. WARNING: once enabled, filebeat may generate a significant number of logs.

packetbeat

Ensure Breeze is installed on a host. Ensure the outbound connection to port 8443 is open on your Conflux node*. WARNING: once enabled, packetbeat may generate a significant number of logs.

* DNS name and IP address will be provided after Conflux is enabled for you in Cloudaware.
