AWS - CloudTrail | Marketplace

Details
Content
Dependencies
Version History

Amazon Web Services CloudTrail.

What does this pack do

The AWS CloudTrail pack contains the following:

Integration for interacting with a trail on AWS via an automation (Playbooks, Playground, etc.). See the AWS - CloudTrail integration docs for additional details.
Data normalization rules for parsing and modeling AWS CloudTrail Audit Logs that are ingested into the amazon_aws_raw dataset via the Amazon S3 data source on Cortex XSIAM. See Ingest audit logs from AWS Cloud Trail for configuration details. When configuring the Amazon S3 data source on Cortex XSIAM, select the Audit Logs log type:

Integrations

Name	Description
AWS - CloudTrail	Amazon Web Services CloudTrail.

Integrations

Name	Description
AWS - CloudTrail	Amazon Web Services CloudTrail.

Modeling Rules

Name	Description
Amazon AWS CloudTrail Modeling Rule

Parsing Rules

Name	Description
Amazon AWS CloudTrail Parsing Rule

Pack Name	Pack By
Base	By: Cortex XSOAR

Pack Name	Pack By
Base	By: Cortex XSOAR

PUBLISHER

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

Certification	Certified	Read more
Supported By	Cortex
Created	September 6, 2020
Last Release	November 19, 2024

WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.