Error:
An unexpected error occurred. Please click Reload to try again.
Error:
An unexpected error occurred. Please click Reload to try again.
Prisma Cloud : How to use Prefix when configuring AWS S3 Flow L... - Knowledge Base - Palo Alto Networks

Prisma Cloud : How to use Prefix when configuring AWS S3 Flow Logs on your VPC

4852
Created On 12/27/22 23:53 PM - Last Modified 04/06/24 15:54 PM


Objective


  • How to use Prefix when configuring AWS S3 Flow Logs on your VPC


Environment


  • Prisma Cloud
  • Amazon Web Service (AWS)


Procedure


  • Step 1 : Navigate to Providers > Cloud Accounts > Select Account > View Cloud Account (under Actions) > Threat Detection > S3.

     

Screen Shot 2022-12-27 at 3.06.31 PM.png
 
  • (Optional) If you do add a Prefix path, ensure your VPC flow logs are set to the correct destination path when generating Flow Logs in your AWS environment
  • Example : In the following screenshot, Prefix has been added
Screen Shot 2022-12-27 at 3.26.10 PM.png
  • Step 2 : Specify a specific folder in the bucket using the bucket_ARN/folder_name/format when configuring your VPC Flow log.
Screen Shot 2022-12-27 at 3.23.46 PM.png
  • Once the Prefix has been added to Prisma Cloud and your VPC Flow Logs are being published to the correct folder, Prisma cloud will look for AWS/logs using the Prefix Path
 


Additional Information




Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000kFt9CAE&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language