Versions Compared

Old Version 8

changes.mady.by.user Customer Success & Engineering

Saved on

compared with

New Version 9

changes.mady.by.user Customer Success & Engineering

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Cisco Umbrella is a SaaS product that stores its logs in the S3 bucket. The overall process of integration is to

  1. Ensure that the logs are stored in the S3 bucket provided by Cisco or owned by the customer.

  2. Providing these S3 bucket credentials to integrate these logs in the Seceon product.

This document describes both of these steps.

...

Enable Logging to Cisco Managed S3 Bucket

Steps of Configuration

  1. Navigate to Admin > Log Management and select Use a Cisco-managed Amazon S3 bucket.

 

...

  1. Select a Region and a Retention Duration.

...

 

  • Select a Region—Regional endpoints are important to minimize latency when downloading logs to your servers. The regions match those available in Amazon S3; however, not all regions are available. For example, China is not listed.
    Pick the region that's closest to you from the dropdown. If you wish to change your region in the future, you will need to delete your current settings and start over.

  • Select a Retention Duration—Select 7, 14, or 30 days. Beyond the selected time period, all data will be purged and cannot be retrieved. We recommend a smaller time period if your ingestion cycle is regular. The retention duration can be changed at any time.

  1. Click Save and then Continue to confirm your settings.

...

Umbrella activates its ability to export to an AWS S3 account. When activation is complete, the Amazon S3 Summary page appears.

...

 

  1. Copy credentials from this page and store them in a safe place. This is the only time that the Access and Secret keys are made available to you. These keys are required to access your S3 bucket and download logs. If you lose these keys, they must be regenerated.

  2. Once keys are copied and safe, check Got it and then click Continue.
    Note: Continue is unavailable until you check Got it.

 

...

S3 Bucket Data Path

The Umbrella Amazon S3 Summary page provides the Data Path to your Amazon bucket. An Umbrella data path contains the following path fields:

Code Block
<AWS S3 bucket name>-<AWS region>/<AWS S3 bucket directory prefix>

  1. AWS S3 bucket name and AWS region—the name of the AWS S3 bucket managed by Cisco (cisco-managed), a dash (-), and the AWS region.

  2. AWS S3 bucket directory prefix—the directory prefix (customer folder name) to the Cisco-managed AWS S3 bucket.

Sample S3 Bucket Data Path:

...

Configuring Cisco Umbrella S3 bucket in Seceon

  1. Login to the tenant as an Administrator

  2. Go into the Provisioning Cloud DevicesAWS ConfigurationConfigure Cisco umbrella services

  3. Fill in the required inputs in configuration from your environment.

  • Access Key ID: Access Key

  • Secret Access Key: Secret Key

  • Region: Storage Region

  • Storage Type: S3 Bucket

  • Storage name: S3 Bucket Data Path

  • CCE IP: IP Address of CCE

...