Amazon CloudFront

Version: ETS AWS LogForwarder v1.0.10 or later.

Amazon CloudFront Web Service is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers across the globe with low latency and high transfer speeds.

Netsurion Open XDR seamlessly combines SIEM, Log Management, File Integrity Monitoring, Machine Analytics, and User behaviour monitoring. The dashboard, category, alerts, and reports in Netsurion Open XDR benefit in tracking critical activities, security warning activities, and others.

After configuring the Amazon CloudFront to forward logs to Netsurion Open XDR via syslog, then configure the alerts, dashboards, and reports to the Netsurion Open XDR.

For a pre-integrated AWS instance, update the version for ETS AWS LogForwarder to v1.0.10 or above.

The following are the key Data Source Integration available in Netsurion Open XDR.


SecurityAmazon CloudFront – Configuration manipulation detectedThis alert is triggered whenever the configuration for distributions is deleted or maliciously modified.


SecurityAmazon CloudFront – Activity overviewThis report contains information related to all console activities concerning the CloudFront service.


SecurityAmazon CloudFront – Critical activities by actionThis dashlet provides information on actions that can disrupt the CloudFront configuration.
SecurityAmazon CloudFront – Configuration changesThis dashlet captures any modification detected in the CloudFront configuration.
SecurityAmazon CloudFront – Origin access control modificationsThis dashlet provides information on origin access creation and modification in CloudFront distributions.


The configuration details are consistent with Netsurion Open XDR 9.3 and later, and ETS AWS LogForwarder.

Download How-To Guide and Integration Guide for configuration instructions and more information.