Test the Cloud Detections for AWS VPC Flow Log integration in your AWS cloud environment.
The Cloud Detections for AWS VPC Flow Logs integration allows Trend Vision One to access and monitor your AWS VPC Flow Logs to detected potential threats. The following
steps provide a guide on how to test the feature within your environment.
Procedure
- Sign in to the AWS account you want to use to test Cloud Detections for AWS VPC Flow Logs.
- Review the Cloud Detections for AWS VPC Flow Logs recommendations and requirements.
- Add your AWS account to the Cloud Accounts app in Trend Vision One.Follow the steps in Connect an AWS account using CloudFormation and enable the following features and permissions:
-
Core Features
-
Cloud Detections for AWS VPC Flow Logs
Note
If you want to test integration with an AWS organization account, see Connect an AWS Organization. -
- After your account successfully connects, use XDR Data Explorer to verify data is being sent.
- Use one of the following demo attacks to trigger a Workbench alert.
-
Demo: Model - Network Connection to Known Suspicious IP Address
You can also run a Threat Intelligence sweeping test to generate an alert using demo data. -