log

AWS Security Hub allows security teams to centralize most of the findings from AWS services but does not provide a native feature to exporting them in a S3 bucket, like CloudTrail or GuardDuty do. I’m surprised by this lack of native export. AWS already shares several solutions to export them in a CSV file on-demand, on-schedule or the whole finding history one-shot. But in the end, I had to find a solution to export them in near real-time to an S3 bucket so that they could be integrated into a third-party SIEM solution....

This post is always in progress This blog post was initially written on 2021 and AWS continues to add features continuously. If you notice something wrong or obsolete, share it to me! Why this repository AWS lets customers to generate and integrate some services security logs. However, each log source has its own configuration making understanding quite difficult for new customers. This post references main AWS services logging sources with its properties, format(s), some examples and resource to go further....