AWS CloudTrail Configuration
IAM User Permission
CloudWatchLogsReadOnlyAccess
AmazonS3ReadOnlyAccess
AWS Side Configuration
1. Log in to the AWS Console and type 'cloudtrail' in the search bar.
2. In the dashboard you can either choose to use an existing trail or create a new trail.
2A. If choosing to create a new trail, click the Create Trail button.
a) Enter a Trail Name
b) Choose to create a new s3 bucket or save to an existing s3 bucket
c) Disable Log file SSE-KMS encryption
d) Enable CloudWatch logs.
e) Create a new Log group name and note it down
f) Create a New IAM Role called CloudtrailRoleforCloudwatchLogs_{trail-name}
g) Under events choose Management events, API activity - Read and Write
h) Review and finally Create Trail
2B. If using an existing trail, click on it and check whether CloudWatch Logs is configured for the trail.
If yes, note down the CloudWatch Log Group name and use it for configuration.
If not, go to CloudWatch Logs > Edit:
a) Enable CloudWatch logs.
b) Create a new Log group name and note it down
c) Create a New IAM Role called CloudtrailRoleforCloudwatchLogs_{trail-name}
d) Save changes and proceed.
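The check in step 2B can also be run against the JSON printed by `aws cloudtrail describe-trails`. The following is an added example, not Seceon's code: it reports, per trail, the region and log group name to enter in OTM and flags trails that do not match the steps above. It assumes the command is run by an identity with CloudTrail read access; the sample output, account ID and names are constructed.

```python
import json

# Constructed sample of `aws cloudtrail describe-trails` output (all names are made up).
SAMPLE = json.loads("""
{"trailList": [
  {"Name": "otm-trail", "HomeRegion": "us-east-1",
   "S3BucketName": "example-trail-bucket",
   "CloudWatchLogsLogGroupArn": "arn:aws:logs:us-east-1:111122223333:log-group:aws-cloudtrail-logs-otm:*",
   "CloudWatchLogsRoleArn": "arn:aws:iam::111122223333:role/CloudtrailRoleforCloudwatchLogs_otm-trail"},
  {"Name": "legacy-trail", "HomeRegion": "eu-west-1",
   "S3BucketName": "example-legacy-bucket",
   "KmsKeyId": "arn:aws:kms:eu-west-1:111122223333:key/EXAMPLE-KEY-ID"}
]}
""")

def parse_log_group_arn(arn):
    """Split arn:<partition>:logs:<region>:<account>:log-group:<name>:* into (region, name)."""
    parts = arn.split(":", 6)
    if len(parts) < 7 or parts[2] != "logs" or parts[5] != "log-group":
        raise ValueError(f"not a CloudWatch Logs log group ARN: {arn!r}")
    name = parts[6]
    if name.endswith(":*"):  # CloudTrail stores the ARN with a trailing ":*"
        name = name[:-2]
    return parts[3], name

def review_trail(trail):
    """Return the OTM form values for one trail plus findings against the steps above."""
    findings = []
    result = {"trail": trail["Name"], "region": None, "log_group": None}
    arn = trail.get("CloudWatchLogsLogGroupArn")
    if not arn:
        findings.append("CloudWatch Logs not enabled (step 2B: CloudWatch Logs > Edit)")
    else:
        result["region"], result["log_group"] = parse_log_group_arn(arn)
        if not trail.get("CloudWatchLogsRoleArn"):
            findings.append("log group set but no delivery IAM role")
    if trail.get("KmsKeyId"):
        findings.append("SSE-KMS is enabled on log files (step 2A(c) disables it)")
    result["findings"] = findings
    return result

def review(describe_trails_output):
    return [review_trail(t) for t in describe_trails_output.get("trailList", [])]

if __name__ == "__main__":
    for r in review(SAMPLE):
        print(r)
```

To use it on a real account, replace `SAMPLE` with the parsed output of `aws cloudtrail describe-trails`; the `region` and `log_group` values map to the AWS Region and AWS Log Group Name fields in the OTM form.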
Seceon OTM Configuration
Open the Seceon OTM UI. Go into a Tenant. Settings > Provisioning > Cloud Devices > AWS Configuration
Open Configure CloudTrail services
Click on Add…
AWS Access Key ID: Enter Access Key ID
AWS Secret Access Key: Input Secret Access Key
AWS Region: Choose Log Group AWS Region
AWS Log Group Name: Enter Log Group Name
AWS Log Stream Name: This is optional and can be ignored
Route53 Service: Choose Yes or No based on requirements
Route53 Region: (Only active if Yes is chosen above) Enter region
Route53 Log Group Name: (Only active if Yes is chosen above) Enter log group name
Route53 Log Stream Name: (Only active if Yes is chosen above) Enter log stream name
CCE IP: Enter CCE IP
Click on Save to save all the details.
Seceon Inc. All rights reserved. https://www.seceon.com