AWS Cloud Operations & Migrations Blog
Tag: Amazon CloudWatch Contributor Insights
How McAfee used Amazon CloudWatch to monitor a multi-PB data migration to Databricks on AWS
This blog post was contributed by Kanishk Mahajan@AWS; Hashem Raslan, Manager, Engineering@McAfee; Anastasia Zamyshlyaeva, Vice President, Data Engineering@McAfee McAfee, a global leader in online protection security enables home users and businesses to stay ahead of fileless attacks, viruses, malware, and other online threats. McAfee wanted to create a centralized data platform as a single source […]
Read More
Use AWS CloudWatch Contributor Insights to monitor CIS AWS Foundations Benchmark controls
Contributor Insights is a feature of AWS CloudWatch that can be used to analyze log data to create time series that displays contributor data. This will help you understand who or what is impacting your system and application performance by identifying top talkers, pinpointing outliers, finding the heaviest traffic patterns, and ranking the top system […]
Read More
Sending CloudFront standard logs to CloudWatch Logs for analysis
Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a developer-friendly environment. CloudFront standard logs (also known as access logs) give you visibility into requests that are made to a CloudFront distribution. The logs can […]
Read More
Use Contributor Insights to analyze AWS Network Firewall
AWS recently launched AWS Network Firewall, a stateful, managed network firewall that provides intrusion detection and prevention for Virtual Private Cloud (Amazon VPC). In a large-scale enterprise environment, it can be difficult and time-consuming to inspect multiple log groups and log streams. Investigating a security incident across a Network Firewall fleet that spans different VPCs […]
Read More
Improve security by analyzing VPC flow logs with Amazon CloudWatch Contributor Insights
You can use rules in Amazon CloudWatch Contributor Insights to gain security visibility into your VPC flow logs. The rules analyze flow logs in targeted groups in Amazon CloudWatch Logs and display the Top-N contributors for a given log field or combination of log fields. In this post, I’ll show you how to set up CloudWatch Contributor Insight rules for VPC flow logs. I’ll demonstrate how to:
Map the VPC flow log format to rules in Contributor Insights.
Explain how a single rule can be used to monitor many VPC flow logs.
Walk through some sample rules and show them in a CloudWatch dashboard.