AWS
Log index | Instruction |
---|---|
alb, elb | Ensure that that logging for ALB/ELB is on and logs are being stored in S3 Bucket. Grant Cloudaware with access to this bucket ( |
aws-config | Enable AWS Config as described in AWS Documentation Ensure that Cloudaware has been granted with the permission |
cloudfront | Enable logging as described in this external guide Ensure that logs are being stored in S3 bucket. Grant Cloudaware with access to this bucket ( |
cloudtrail | Ensure CloudTrail is enabled and the CloudTrail data is accessible (the bucket should be present to Cloudaware) |
eks-logs | Ensure Amazon EKS is enabled as described in AWS Documentation Ensure that Cloudaware has been granted with permissions |
aws-rds | Cloudaware tracks RDS logs in both CloudWatch and events from DB instance. Ensure that Cloudaware has the following permissions*:
*These permissions are predefined in Cloudaware Conflux Collector policy. |
route53 | Ensure that logging for DNS Queries is enabled as described in AWS Documentation |
s3-access-logs | Ensure that logging for S3 is enabled as described in AWS Documentation |
vpc-flow-logs | Ensure VPC, VPC subnet or Elastic Network Interface traffic is logged to CloudWatch Logs as described in AWS Documentation |
waf-logs | Ensure that WAF logs are being stored in S3 Bucket or in CloudWatch Logs. Grant Cloudaware with access to this bucket ( |
Azure
Log Index | Instruction |
---|---|
azure-activity | Ensure that the Reader role has been assigned to Cloudaware based on Cloudaware Azure Start Guide |
azure-flowlogs | Ensure that a custom role has been created for Cloudaware to have 'read' access to Storage Account keys ( |
Google Cloud
Log index | Instruction |
---|---|
google-audit- | Ensure that Cloud logging is enabled as described in Google Cloud Documentation |
Host Level
Log index | Instruction |
---|---|
metricbeat | Ensure Breeze is installed on a host. Ensure the outbound connection to port 8443 is open on your Conflux node*. WARNING: once enabled, metribeat may generate a significant number of logs |
winlogbeat | Ensure Breeze is installed on a host. Ensure the outbound connection to port 8443 is open on your Conflux node*. WARNING: once enabled, winglobeat may generate a significant number of logs |
filebeat | Ensure Breeze is installed on a host. Ensure the outbound connection to port 8443 is open on your Conflux node*. WARNING: once enabled, filebeat may generate a significant number of logs |
packetbeat | Ensure Breeze is installed on a host. Ensure the outbound connection to port 8443 is open on your Conflux node*. WARNING: once enabled, packetbeat may generate a significant number of logs |
* DNS name and IP address will be provided after Conflux is enabled for you in Cloudaware