Wider attack surface coverage powered by hundreds of integrations and deeper threat visibility powered by thousands of detections.
Version: AWS LogForwarder v1.0.10 or later.
AWS Identity and Access Management (IAM) is a web service for securely controlling access to AWS resources. It enables you to create and control services for user authentication or limit access to a certain set of people who can use AWS resources. With IAM policies, users can manage permissions to the workforce and systems ensuring least-privilege permissions.
Netsurion monitors events from AWS IAM by parsing the AWS CloudTrail logs and triggers from Amazon EventBridge. Dashboards and reports in Netsurion, will track the overall actions that are performed related to the Amazon IAM service to keep you informed about its activities. It will trigger alerts whenever an action that is critical to the service is carried out.
For a new instance, integrate the AWS instance to Netsurion using the Netsurion integrator lambda function, which will in turn deliver logs to Netsurion from AWS. For an already-integrated AWS instance, make sure to update to AWS LogForwarder v1.0.1 or later.
Some of the Data Source Integrations available in Netsurion are listed below.
The configuration details are consistent with Netsurion version 9.3 or later, and AWS LogForwarder v1.0.10 or later.
Download Integration Guide and How-to Guide for more information and to configuration instructions.