Versions Compared

Old Version 16

changes.mady.by.user Juan Tomás Alonso Nieto (Deactivated)

Saved on

compared with

New Version Current

changes.mady.by.user Juan Tomás Alonso Nieto (Deactivated)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents
minLevel2
maxLevel2
typeflat
Note

Please note that the following Lambda function explanation is offered only as an illustrative example. Users are solely responsible for the implementation and usage of the Lambda function based on the information and code we provide. Devo does not maintain any piece of code required for this process.

If you have any questions, please contact us.

Download the source file

Download the file below, decompress it and copy the following folder and two files to the folder where you saved the Devo domain certificates previously downloaded:

...

Rw ui steps macro
Rw step

Open the config.json file in an editor and edit the values for the following parameters.

Parameter

Description

address

This is the host address for the Devo Cloud for the region you are using. It should be one of:

  • USA: us.devo.com/login

  • Europe: eu.devo.com/login

  • Spain: es.devo.com/login

  • Canada: ca.devo.com/login

  • Asia-Pacific (APAC): apac.devo.com/login

port

The inbound port number of the Devo Platform host should always be 443.

chain

The name of the Devo domain Chain CA file.

This is usually chain.crt.

cert

The name of the Devo domain certificate file. 

Ex: devo_domain.crt

key

The name of the Devo domain private key file.

Ex: devo_domain.key

tag

This is the Devo tag that corresponds to the technology that generated the events you are sending to Devo. In this case, the tag is cloud.aws.cloudtrail.events, which is already specified.

Rw step

Save the file in the folder where the domain certificates and Python script are saved.

...

  1. Create a new AWS Lambda function in the same zone in which the S3 bucket resides.

  2. Click Blueprints, then click the s3-get-object-python blueprint tile. 

    Image RemovedImage Added

  3. Click the Configure button. The next page contains three sections; Basic informationS3 trigger, and Lambda function code.


  4. In the Basic information section, enter a Name for the new function. 

    1. If using an existing role, make sure that it has Lambda execution and S3 read permissions. 

    2. If not using an existing role, create a new one. Under Role, select Create new role from AWS Policy Templates. Enter a role name and select Amazon S3 object read-only permissions as the Policy Template.

  5.  In the S3 trigger section, select the Bucket that contains the events, set the Event type to All object create events, then select Enable trigger.

  6. Click Create function. The next page contains several sections in which you configure the details of your new function.

  7. Modify the Function code section as indicated below and for Function package, click Upload to select the .zip file you created earlier. Then, click Save to upload the file.

    Image RemovedImage Added

  8. In the Execution role section, select the role you specified/created for the function. In the Basic settings section, set the Memory and Timeout to an interval close to, but less than, the event creation frequency. For example, if the log file creation frequency is 5 minutes, set the Timeout to 4 minutes and 30 seconds. In the Network section, select No VPC for the VPC value.

  9. Click Save

  10. Now, select the new function to view its details. In the Execution role area, click View the <function-name> role to edit the role permissions.

  11. On the Permissions tab, click Attach policy. Select AmazonS3ReadOnlyAccess, then click Attach policy.

...