Log Streaming

Abstract

Log Streaming collects events from various log sources for your Wide-area Private Cloud (WPC) and stores them in your AWS S3 bucket.

Principle of Operation

The Log Streaming feature regularly checks various logs for the following types of information and events:

  • Traffic flow events of allowed and blocked traffic flows between Traffic Sources and Traffic Destinations. Refer to Access Visibility Terms.

  • Successful and failed OpenVPN tunnel connection attempts, as well as disconnection events.

  • Events generated when content filtering (Cyber Shield Domain Filtering) blocks access to content.

  • Events generated when the Intrusion Protection System (Cyber Shield Traffic Filtering) blocks a traffic flow.

If log events are present for your WPC, Log Streaming creates a log file of those events in JSON format, compresses the log file, and stores it in your configured AWS S3 bucket.

The tools you use for SIEM, traffic visibility, etc., can retrieve these log files from your AWS S3 bucket for processing.
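The following is an added example, not CloudConnexa code, of how a consumer might decode one retrieved log file and tally blocked or failed events before forwarding them to a SIEM. It assumes gzip compression and uses hypothetical field names (`event_type`, `action`, `source`); this page does not specify the compression format or the JSON schema, so check both against a real log file.

```python
import gzip
import json
from collections import Counter

GZIP_MAGIC = b"\x1f\x8b"  # first two bytes of every gzip stream


def load_events(blob: bytes) -> list:
    """Decode one downloaded log object into a list of event dicts."""
    if blob[:2] == GZIP_MAGIC:  # assumption: the file is gzip-compressed
        blob = gzip.decompress(blob)
    text = blob.decode("utf-8").strip()
    if not text:
        return []
    try:
        doc = json.loads(text)  # whole file is a single JSON document
    except json.JSONDecodeError:
        # Otherwise treat it as one JSON object per line.
        doc = [json.loads(ln) for ln in text.splitlines() if ln.strip()]
    if isinstance(doc, dict):
        doc = [doc]
    if not isinstance(doc, list):
        return []
    return [ev for ev in doc if isinstance(ev, dict)]


def count_blocked(events, type_key="event_type", result_key="action"):
    """Tally blocked or failed events per event type (hypothetical keys)."""
    counts = Counter()
    for ev in events:
        if str(ev.get(result_key, "")).lower() in {"blocked", "failed"}:
            counts[ev.get(type_key, "unknown")] += 1
    return counts


# Constructed sample, one event per category listed above; field names are
# hypothetical and must be replaced with those in your real log files.
SAMPLE_EVENTS = [
    {"event_type": "traffic-flow", "action": "allowed", "source": "host-a"},
    {"event_type": "traffic-flow", "action": "blocked", "source": "host-b"},
    {"event_type": "openvpn-connection", "action": "failed", "source": "user-c"},
    {"event_type": "domain-filtering", "action": "blocked", "source": "host-b"},
    {"event_type": "traffic-filtering", "action": "blocked", "source": "host-a"},
]
SAMPLE_BLOB = gzip.compress(
    "\n".join(json.dumps(ev) for ev in SAMPLE_EVENTS).encode("utf-8")
)

if __name__ == "__main__":
    for event_type, n in sorted(count_blocked(load_events(SAMPLE_BLOB)).items()):
        print(f"{event_type}: {n}")
```
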

Figure 2. Illustration Of Log Streaming Concept


Prerequisite

An AWS S3 bucket in your AWS account with proper permissions. Refer to Tutorial: Configure AWS S3 bucket for CloudConnexa Log Streaming.