Forum Discussion
How to get aws cloudwatch alerts using the new sentinel AWS connector.
Hi there, I'd like to collect AWS cloudwatch logs to Sentinel. (I'm not much of an AWS user but I can get around.) Here's what I'd like to do: #1 - enable AWS Cloudtrail and dump Management logs ...
The Microsoft Sentinel instructions are here: https://learn.microsoft.com/en-us/azure/sentinel/connect-aws?tabs=s3
thanks Clive_Watson
Yes I've read that procedure several times but there's nothing in there about setting up the AWS site for Cloudwatch.
In fact if you follow that procedure it's very easy to accidentally log EVERYTHING from AWS Cloudtrail and cost you thousands of dollars per month.