AWS Config is a service provided by Amazon that enables administrators to assess, audit, evaluate, and analyze the compliance levels and security of your AWS resources. It constantly monitors and records the changes in configurations and relationships between AWS resources, dives into detailed resource configuration histories, and determines your overall compliance with the format specified in your internal guidelines.
Netsurion facilitates monitoring events from AWS Config by parsing the AWS CloudTrail logs and triggering events from Amazon EventBridge. The dashboard, categories, and reports in Netsurion’s threat protection platform, EventTracker, benefit in tracking the overall actions performed related to the AWS Config service to keep you informed about its activities. It even triggers alerts when it performs critical and service-related activities.
For a new instance, integrate the AWS instance into EventTracker using the EventTracker integrator lambda function, which will, in turn, deliver the logs to EventTracker from AWS. Configure the alerts, dashboards, and reports in EventTracker after configuring to transfer the events to EventTracker Manager.
Note: For an existing integrated AWS instance, upgrade to ETS_AWS_LogForwarder v1.0.10 or later.
Alerts
Reports
The configuration details are consistent with EventTracker version 9.3 or later, and ETS_AWS_LogForwarder v1.0.10 or later.
To configure AWS Config to send logs to EventTracker, refer to the How-To Guide.
For configuring Knowledge Packs in the EventTracker console, refer to the Integration Guide.