Forum Discussion
jmn05
Mar 18, 2024 · Copper Contributor
Ingesting Logs from S3 Bucket
I have an S3 bucket which stores some firewall logs. How do I go about pulling these logs into Sentinel? These are not AWS logs, the service provider is uploading the logs to S3. The native S3 connec...
haifa23
Mar 29, 2024 · Copper Contributor
A few ways to do that, a simple design may look something like this:
1) when firewall logs reach S3 bucket, a pre-defined S3 event notification will trigger a Lambda function
2) the Lambda function is designed to format the firewall log into CEF format and send it to a syslog server
3) Sentinel can ingest logs from the Syslog server
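
The three steps above as a Python Lambda handler; this is an added example, not code from the original post. It escapes CEF header and extension values so that attacker-influenced log fields cannot forge extra CEF fields or split a syslog message. Assumptions: the provider writes one JSON object per line with the hypothetical fields in `FIELD_MAP`, the vendor/product names are placeholders, the `SYSLOG_HOST`/`SYSLOG_PORT` environment variables are names chosen here, and the collector accepts priority-only UDP syslog framing.

```python
import json, os, socket
from urllib.parse import unquote_plus

# Assumed input field -> CEF extension key; adapt to the provider's real format.
FIELD_MAP = {"src": "src", "dst": "dst", "spt": "spt", "dpt": "dpt", "action": "act"}

def esc_header(v):
    # CEF header fields: escape backslash and pipe, flatten line breaks
    v = str(v).replace("\\", "\\\\").replace("|", "\\|")
    return v.replace("\r", " ").replace("\n", " ")

def esc_ext(v):
    # CEF extension values: escape backslash and '=', encode line breaks
    v = str(v).replace("\\", "\\\\").replace("=", "\\=")
    return v.replace("\r", "\\r").replace("\n", "\\n")

def to_cef(rec, vendor="ExampleVendor", product="Firewall", version="1.0"):
    action = rec.get("action", "unknown")
    header = "|".join(["CEF:0", esc_header(vendor), esc_header(product),
                       esc_header(version), esc_header(action),
                       esc_header(f"firewall {action}"), "3"])
    ext = " ".join(f"{cef}={esc_ext(rec[k])}" for k, cef in FIELD_MAP.items() if k in rec)
    return header + "|" + ext

def s3_objects(event):
    # Object keys in S3 event notifications arrive URL-encoded
    for r in event.get("Records", []):
        yield r["s3"]["bucket"]["name"], unquote_plus(r["s3"]["object"]["key"])

def handler(event, context):
    import boto3  # imported here so the helpers above can be tested offline
    s3 = boto3.client("s3")
    dest = (os.environ["SYSLOG_HOST"], int(os.environ.get("SYSLOG_PORT", "514")))
    sent = 0
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        for bucket, key in s3_objects(event):
            for line in s3.get_object(Bucket=bucket, Key=key)["Body"].iter_lines():
                try:
                    rec = json.loads(line)
                except ValueError:
                    continue  # skip blank or malformed lines, keep the batch going
                if isinstance(rec, dict):
                    # <134> = facility local0, severity info
                    sock.sendto(("<134>" + to_cef(rec)).encode("utf-8"), dest)
                    sent += 1
    return {"sent": sent}
```

The Lambda needs `s3:GetObject` on that bucket only, plus a network path to the syslog server; UDP is unauthenticated and unencrypted, so keep that path private or switch the socket to TLS over TCP.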