Prisma Cloud : How to use Prefix when configuring AWS S3 Flow Logs on your VPC

Prisma Cloud : How to use Prefix when configuring AWS S3 Flow Logs on your VPC

4478
Created On 12/27/22 23:53 PM - Last Modified 04/06/24 15:54 PM


Objective


  • How to use Prefix when configuring AWS S3 Flow Logs on your VPC

Environment


  • Prisma Cloud
  • Amazon Web Service (AWS)

Procedure


  • Step 1 : Navigate to Providers > Cloud Accounts > Select Account > View Cloud Account (under Actions) > Threat Detection > S3.

     

Screen Shot 2022-12-27 at 3.06.31 PM.png
 
  • (Optional) If you do add a Prefix path, ensure your VPC flow logs are set to the correct destination path when generating Flow Logs in your AWS environment
  • Example : In the following screenshot, Prefix has been added
Screen Shot 2022-12-27 at 3.26.10 PM.png
  • Step 2 : Specify a specific folder in the bucket using the bucket_ARN/folder_name/format when configuring your VPC Flow log.
Screen Shot 2022-12-27 at 3.23.46 PM.png
  • Once the Prefix has been added to Prisma Cloud and your VPC Flow Logs are being published to the correct folder, Prisma cloud will look for AWS/logs using the Prefix Path
 

Additional Information
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000kFt9CAE&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language