Patterns for consuming custom log sources in Amazon Security Lake

Security Blog



This article discusses patterns for consuming custom log sources in Amazon Security Lake, a service that centralizes security data into a purpose-built data lake. It covers three patterns:

  • Pattern 1: Log collection in a hybrid environment using Kinesis Data Streams (e.g. Windows Sysmon logs)
  • Pattern 2: Log collection from services and products using AWS Glue (e.g. AWS Network Firewall logs)
  • Pattern 3: Log collection using integration with supported AWS services (e.g. AWS Security Hub, AWS AppFabric)

The article provides detailed instructions, architecture diagrams, and code samples for implementing each pattern to ingest and transform custom log sources into the Open Cybersecurity Schema Framework (OCSF) format for analysis in Amazon Security Lake.

