Prisma Cloud : How to use Prefix when configuring AWS S3 Flow Logs on your VPC
4852
Created On 12/27/22 23:53 PM - Last Modified 04/06/24 15:54 PM
Objective
- How to use Prefix when configuring AWS S3 Flow Logs on your VPC
Environment
- Prisma Cloud
- Amazon Web Service (AWS)
Procedure
- Step 1 : Navigate to Providers > Cloud Accounts > Select Account > View Cloud Account (under Actions) > Threat Detection > S3.
- (Optional) If you do add a Prefix path, ensure your VPC flow logs are set to the correct destination path when generating Flow Logs in your AWS environment
- Example : In the following screenshot, Prefix has been added
- Step 2 : Specify a specific folder in the bucket using the bucket_ARN/folder_name/format when configuring your VPC Flow log.
- Once the Prefix has been added to Prisma Cloud and your VPC Flow Logs are being published to the correct folder, Prisma cloud will look for AWS/logs using the Prefix Path