...
Code Block |
---|
{ "inputs": { "sqs_collector": { "id": "<FIVE_UNIQUE_DIGITS>", "services": { "<SERVICE_NAME>": {} }, "credentials": { "aws_cross_account_role": "arn:<PARTITION>:iam::<YOUR_AWS_ACCOUNT_NUMBER>:role/<YOUR_ROLE>", "aws_external_id": "<EXTERNAL_ID>" }, "region": "<REGION>", "base_url": "https://sqs.<REGION>.amazonaws.com/<YOUR_AWS_ACCOUNT_NUMBER>/<QUEUE_NAME>" } } } |
Secure It
Combine the CloudTrail service with the GuardDuty service to get threat intelligence from AWS.
The data is in the cloud.aws.cloudtrail.*
tables. The fourth level of the tag is the AWS service.
...