Microfocus should have an AWS collector.
Here's AWS page that describes their logging https://aws.amazon.com/answers/logging/centralized-logging/
by: Pekka L. | over a year ago | Integrations
Micro Focus Enhancement Requests Portal is moving. We are migrating the IDEAS from this site to the New Idea Exchange on May 6th. For more information on the new Idea Exchange please visit the Community FAQs.
Completed
3
Micro Focus should have a AWS collector
by: Pekka L. | over a year ago | Integrations
Comments
Pekka, this is a good idea. It would help us if you could get more details on the areas of AWS that were priorities (S3, EC2, EWS, etc.).
Also, Amazon has a feature called CloudTrail which collects events and stores them in the cloud for later consumption. This would most likely be the best way for Sentinel to interface into AWS. But there is a charge for it. It is described here: https://aws.amazon.com/cloudtrail/pricing/.
Would you let me know if Sentinel relying on a service such as CloudTrail would be acceptable?
Ted, the CloudTrail is a good option. That is their way of providing the logs, relying on it makes sense. EC2 and S3 are the products that come to mind first. The product question might be something you could want post to a larger audience.
Through the use of the ArcSight Smart Connector, Sentinel has now certified the support of the AWS Cloudtrail events.