cef0.amazon
- Juan TomƔs Alonso Nieto (Deactivated)
Introduction
The tables cef0.amazon.* identify events in CEF format generated by Amazon Web Service (AWS) services.
Tag structure
Events in CEF format don't have a specific tag structure, as explained inĀ Technologies supported in CEF syslog format. They are always sent to a table with the structureĀ cef0.deviceVendor.deviceProduct.
In this case, the valid data tables are:
Tag | Data table |
|---|---|
cef0.amazon.acm | cef0.amazon.acm |
cef0.amazon.autoscaling | cef0.amazon.autoscaling |
cef0.amazon.applicationInsights | cef0.amazon.applicationInsights |
cef0.amazon.appstream | cef0.amazon.appstream |
cef0.amazon.aws | cef0.amazon.aws |
cef0.amazon.backup | cef0.amazon.backup |
cef0.amazon.ce | cef0.amazon.ce |
cef0.amazon.clouddirectory | cef0.amazon.clouddirectory |
cef0.amazon.cloudhsm | cef0.amazon.cloudhsm |
cef0.amazon.cloudtrail | cef0.amazon.cloudtrail |
cef0.amazon.codecommit | cef0.amazon.codecommit |
cef0.amazon.codepipeline | cef0.amazon.codepipeline |
cef0.amazon.cognitoIdp | cef0.amazon.cognitoIdp |
cef0.amazon.computeOptimizer | cef0.amazon.computeOptimizer |
cef0.amazon.config | cef0.amazon.config |
cef0.amazon.datapipeline | cef0.amazon.datapipeline |
cef0.amazon.directconnect | cef0.amazon.directconnect |
cef0.amazon.ds | cef0.amazon.ds |
cef0.amazon.dynamodb | cef0.amazon.dynamodb |
cef0.amazon.ec2 | cef0.amazon.ec2 |
cef0.amazon.ecr | cef0.amazon.ecr |
cef0.amazon.ecs | cef0.amazon.ecs |
cef0.amazon.elasticache | cef0.amazon.elasticache |
cef0.amazon.elasticbeanstalk | cef0.amazon.elasticbeanstalk |
cef0.amazon.elasticfilesystem | cef0.amazon.elasticfilesystem |
cef0.amazon.elasticloadbalancing | cef0.amazon.elasticloadbalancing |
cef0.amazon.elasticmapreduce | cef0.amazon.elasticmapreduce |
cef0.amazon.eks | cef0.amazon.eks |
cef0.amazon.es | cef0.amazon.es |
cef0.amazon.forecast | cef0.amazon.forecast |
cef0.amazon.forecast | cef0.amazon.forecast |
cef0.amazon.gamelift | cef0.amazon.gamelift |
cef0.amazon.glacier | cef0.amazon.glacier |
cef0.amazon.guardduty | cef0.amazon.guardduty |
cef0.amazon.health | cef0.amazon.health |
cef0.amazon.iam | cef0.amazon.iam |
cef0.amazon.iot | cef0.amazon.iot |
cef0.amazon.kinesis | cef0.amazon.kinesis |
cef0.amazon.kinesisanalytics | cef0.amazon.kinesisanalytics |
cef0.amazon.kms | cef0.amazon.kms |
cef0.amazon.lambda | cef0.amazon.lambda |
cef0.amazon.logs | cef0.amazon.logs |
cef0.amazon.migrationhub | cef0.amazon.migrationhub |
cef0.amazon.monitoring | cef0.amazon.monitoring |
cef0.amazon.organizations | cef0.amazon.organizations |
cef0.amazon.pricelist | cef0.amazon.pricelist |
cef0.amazon.quicksight | cef0.amazon.quicksight |
cef0.amazon.ram | cef0.amazon.ram |
cef0.amazon.rds | cef0.amazon.rds |
cef0.amazon.redshift | cef0.amazon.redshift |
cef0.amazon.resourceGroups | cef0.amazon.resourceGroups |
cef0.amazon.route53 | cef0.amazon.route53 |
cef0.amazon.s3 | cef0.amazon.s3 |
cef0.amazon.sagemaker | cef0.amazon.sagemaker |
cef0.amazon.sbd | cef0.amazon.sbd |
cef0.amazon.secretsmanager | cef0.amazon.secretsmanager |
cef0.amazon.securityhub | cef0.amazon.securityhub |
cef0.amazon.servicediscovery | cef0.amazon.servicediscovery |
cef0.amazon.ses | cef0.amazon.ses |
cef0.amazon.sns | cef0.amazon.sns |
cef0.amazon.ssm | cef0.amazon.ssm |
cef0.amazon.storagegateway | cef0.amazon.storagegateway |
cef0.amazon.sts | cef0.amazon.sts |
cef0.amazon.swf | cef0.amazon.swf |
cef0.amazon.tagging | cef0.amazon.tagging |
cef0.amazon.trustedAdvisor | cef0.amazon.trustedAdvisor |
cef0.amazon.workdocs | cef0.amazon.workdocs |
cef0.amazon.workspaces | cef0.amazon.workspaces |
cef0.amazon.servicequotas | cef0.amazon.servicequotas |
cef0.amazon.dms | cef0.amazon.dms |
cef0.amazon.billingconsole | cef0.amazon.billingconsole |
cef0.amazon.route53resolver | cef0.amazon.route53resolver |
cef0.amazon.firehose | cef0.amazon.firehose |
cef0.amazon.licenseManager | cef0.amazon.licenseManager |
cef0.amazon.accessAnalyzer | cef0.amazon.accessAnalyzer |
cef0.amazon.dax | cef0.amazon.dax |
cef0.amazon.dataexchange | cef0.amazon.dataexchange |
cef0.amazon.codedeploy | cef0.amazon.codedeploy |
cef0.amazon.wellarchitected | cef0.amazon.wellarchitected |
cef0.amazon.fsx | cef0.amazon.fsx |
cef0.amazon.sms | cef0.amazon.sms |
cef0.amazon.discovery | cef0.amazon.discovery |
cef0.amazon.pi | cef0.amazon.pi |
cef0.amazon.redshiftData | cef0.amazon.redshiftData |
cef0.amazon.ec2InstanceConnect | cef0.amazon.ec2InstanceConnect |
cef0.amazon.events | cef0.amazon.events |
cef0.amazon.mgn | cef0.amazon.mgn |
cef0.amazon.greengrass | cef0.amazon.greengrass |
cef0.amazon.outposts | cef0.amazon.outposts |
cef0.amazon.xray | cef0.amazon.xray |
cef0.amazon.cognitoIdentity | cef0.amazon.cognitoIdentity |
cef0.amazon.robomaker | cef0.amazon.robomaker |
cef0.amazon.databrew | cef0.amazon.databrew |
cef0.amazon.macie2 | cef0.amazon.macie2 |
cef0.amazon.networkFirewall | cef0.amazon.networkFirewall |
cef0.amazon.networkmanager | cef0.amazon.networkmanager |
cef0.amazon.savingsplans | cef0.amazon.savingsplans |
cef0.amazon.glue | cef0.amazon.glue |
cef0.amazon.states | cef0.amazon.states |
cef0.amazon.amazonmq | cef0.amazon.amazonmq |
cef0.amazon.appconfig | cef0.amazon.appconfig |
cef0.amazon.comprehend | cef0.amazon.comprehend |
cef0.amazon.dlm | cef0.amazon.dlm |
cef0.amazon.globalaccelerator | cef0.amazon.globalaccelerator |
cef0.amazon.iotevents | cef0.amazon.iotevents |
cef0.amazon.waf | cef0.amazon.waf |
cef0.amazon.wafRegional | cef0.amazon.wafRegional |
cef0.amazon.wafv2 | cef0.amazon.wafv2 |
cef0.amazon.cloud9 | cef0.amazon.cloud9 |
cef0.amazon.codebuild | cef0.amazon.codebuild |
cef0.amazon.codeguruReviewer | cef0.amazon.codeguruReviewer |
cef0.amazon.emrContainers | cef0.amazon.emrContainers |
cef0.amazon.iotanalytics | cef0.amazon.iotanalytics |
cef0.amazon.kafka | cef0.amazon.kafka |
cef0.amazon.opsworks | cef0.amazon.opsworks |
cef0.amazon.qldb | cef0.amazon.qldb |
cef0.amazon.sqs | cef0.amazon.sqs |
cef0.amazon.synthetics | cef0.amazon.synthetics |
cef0.amazon.profile | cef0.amazon.profile |
cef0.amazon.route53domains | cef0.amazon.route53domains |
cef0.amazon.serverlessrepo | cef0.amazon.serverlessrepo |
cef0.amazon.shield | cef0.amazon.shield |
cef0.amazon.lightsail | cef0.amazon.lightsail |
cef0.amazon.imagebuilder | cef0.amazon.imagebuilder |
cef0.amazon.groundstation | cef0.amazon.groundstation |
cef0.amazon.frauddetector | cef0.amazon.frauddetector |
cef0.amazon.fms | cef0.amazon.fms |
How is the data sent to Devo?
Learn more about CEF syslog format and how Devo tags these events inĀ Technologies supported in CEF syslog format.