This solution consists of a Lambda function that is triggered by CloudWatch Events with findings as the payload; the findings are then ingested into Sumo Logic via an S3 source.
Made with ❤️ by Sumo Logic. Available on the AWS Serverless Application Repository
- Configure a Hosted Collector and an AWS S3 Source in Sumo Logic. In Advanced Options for Logs, under Timestamp Format, click Specify a format and enter the following:
  - Specify Format as yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
  - Specify Timestamp locator as .*"UpdatedAt":"(.*)".*
Deploying the SAM Application
- Open a browser window and enter the following URL: https://serverlessrepo.aws.amazon.com/applications
- In the Serverless Application Repository, search for sumologic.
- Select the Show apps that create custom IAM roles or resource policies check box.
- Click the sumologic-securityhub-collector link, and then click Deploy.
- In the Configure application parameters panel, enter the name of the S3 bucket configured when creating the AWS S3 source. Click Deploy.
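A local pre-check for the timestamp settings above, added here as an example and not part of the Sumo Logic project: it reads finding lines and reports which UpdatedAt values do not have the exact shape yyyy-MM-dd'T'HH:mm:ss.SSS'Z' configured on the S3 source. The sample findings are constructed, and the one-JSON-finding-per-line layout and the function names are assumptions.

```python
import json
import re
from datetime import datetime, timezone

# Literal shape of yyyy-MM-dd'T'HH:mm:ss.SSS'Z': exactly three fractional digits, then a literal Z.
SUMO_FORMAT_RE = re.compile(r"\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\.\d{3}Z")

# Constructed sample lines (assumption: one JSON finding per line in the S3 object).
SAMPLE_LINES = [
    '{"Id": "finding-1", "UpdatedAt": "2019-04-22T21:23:58.757Z"}',
    '{"Id": "finding-2", "UpdatedAt": "2019-04-22T21:23:58Z"}',           # no milliseconds
    '{"Id": "finding-3", "UpdatedAt": "2019-04-22T23:23:58.757+02:00"}',  # offset, not Z
    '{"Id": "finding-4"}',                                                # field absent
    '{"Id": "finding-5", "UpdatedAt": "2019-02-30T00:00:00.000Z"}',       # impossible date
]


def check_updated_at(line):
    """Return (finding_id, status, parsed UTC datetime or None) for one finding line."""
    finding = json.loads(line)
    fid = finding.get("Id", "<no Id>")
    value = finding.get("UpdatedAt")
    if value is None:
        return fid, "missing", None
    if not SUMO_FORMAT_RE.fullmatch(value):
        return fid, "format-mismatch", None
    try:
        # The shape matched; now confirm it is a real calendar date and time.
        parsed = datetime.strptime(value, "%Y-%m-%dT%H:%M:%S.%fZ")
    except ValueError:
        return fid, "invalid-date", None
    return fid, "ok", parsed.replace(tzinfo=timezone.utc)


def summarize(lines):
    """Map each status to the list of finding ids that produced it."""
    report = {}
    for line in lines:
        fid, status, _ = check_updated_at(line)
        report.setdefault(status, []).append(fid)
    return report


if __name__ == "__main__":
    for status, ids in summarize(SAMPLE_LINES).items():
        print(f"{status}: {', '.join(ids)}")
```

Run it against a few objects from the bucket before relying on UpdatedAt for time-based searches and alerts; anything outside the ok group does not match the configured format string.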
Apache License 2.0 (Apache-2.0)
Requests & issues should be filed on GitHub: https://github.com/SumoLogic/sumologic-aws-lambda/issues
