Skip to content

How to collect logs from AWS CloudTrail

To collect log events from a AWS CloudTrail, the following prerequisits must be met:

  • Export the logs from AWS CloudTrail into a monitoring folder;
  • Access to the custom file script processing template provided with the Cyberquest Windows agent, found in the installation folder (go to C:\Program Files\CyberQuestAgent\templates). Use the template to process the exported files from AWS in the monitoring folder.