Issue
Customer wants to confirm an event is written to their Cloudtrail.
Resolution
- Navigate to Cloudtrail.
- Select "Event History" in top left.
3. Filter for “Event Name” and “CreateSecurityGroup”
Notes
- The above search for "CreateSecurityGroup" will only return results if a group has been created. This example shows how to check for the security group creation in step 1 of Generating AWS Threats in Red Canary
- It can take about 5 minutes for data to be written to the Cloudtrail
- It can take up to 30 minutes for the data to be picked up and processed by Red Canary for an existing integration. For a new integration backend services must first be spun up which can take a few hours.
Comments
0 comments
Please sign in to leave a comment.