AWS Cloud Operations & Migrations Blog

Tag: Amazon CloudWatch Contributor Insights

How McAfee used Amazon CloudWatch to monitor a multi-PB data migration to Databricks on AWS

This blog post was contributed by Kanishk Mahajan@AWS; Hashem Raslan, Manager, Engineering@McAfee; Anastasia Zamyshlyaeva, Vice President, Data Engineering@McAfee McAfee, a global leader in online protection security enables home users and businesses to stay ahead of fileless attacks, viruses, malware, and other online threats. McAfee wanted to create a centralized data platform as a single source […]

Read More
Featured Image for Blog Post with title 'Use AWS CloudWatch Contributor Insights to monitor AWS Foundations Benchmark Controls"

Use AWS CloudWatch Contributor Insights to monitor CIS AWS Foundations Benchmark controls

Contributor Insights is a feature of AWS CloudWatch that can be used to analyze log data to create time series that displays contributor data. This will help you understand who or what is impacting your system and application performance by identifying top talkers, pinpointing outliers, finding the heaviest traffic patterns, and ranking the top system […]

Read More
Sending Standard CloudFront Access Logs to CloudWatch Logs for Analysis

Sending CloudFront standard logs to CloudWatch Logs for analysis

Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a developer-friendly environment. CloudFront standard logs (also known as access logs) give you visibility into requests that are made to a CloudFront distribution. The logs can […]

Read More
AWS Network Firewall logs are ingested into CloudWatch and analyzed through Contributor Insights and CloudWatch Logs Insights.

Use Contributor Insights to analyze AWS Network Firewall

AWS recently launched AWS Network Firewall, a stateful, managed network firewall that provides intrusion detection and prevention for Virtual Private Cloud (Amazon VPC). In a large-scale enterprise environment, it can be difficult and time-consuming to inspect multiple log groups and log streams. Investigating a security incident across a Network Firewall fleet that spans different VPCs […]

Read More

Improve security by analyzing VPC flow logs with Amazon CloudWatch Contributor Insights

You can use rules in Amazon CloudWatch Contributor Insights to gain security visibility into your VPC flow logs. The rules analyze flow logs in targeted groups in Amazon CloudWatch Logs and display the Top-N contributors for a given log field or combination of log fields. In this post, I’ll show you how to set up CloudWatch Contributor Insight rules for VPC flow logs. I’ll demonstrate how to:

Map the VPC flow log format to rules in Contributor Insights.
Explain how a single rule can be used to monitor many VPC flow logs.
Walk through some sample rules and show them in a CloudWatch dashboard.

Read More