How to collect logs from AWS CloudTrail
To collect log events from a AWS CloudTrail, the following prerequisits must be met:
- Export the logs from AWS CloudTrail into a monitoring folder;
- Access to the custom file script processing template provided with the Cyberquest Windows agent, found in the installation folder (go to C:\Program Files\CyberQuestAgent\templates). Use the template to process the exported files from AWS in the monitoring folder.