Open bagg3rs opened 2 months ago
To be refined and planned into next sprint
Waiting for team to send current error logs before planning this.
Logs for review:
https://docs.google.com/spreadsheets/d/1QO56aMBeX4rIKKT2loo-6DB0BBIPog5v/edit?gid=2007438121#gid=2007438121
User Story
As a SoC, I want security logs from all things so that we have a central source of security logs in order to process for threat correlations.
Value / Purpose
The Security Operations Center needs our logs, and they will process them with Palo Alto Cortex to check for bad things.
Useful Contacts
Rich, Julia
Proposal
Do what MP/CP did; see thread.
Additional Information
See thread here
https://docs-cortex.paloaltonetworks.com/r/Cortex-XSIAM/Cortex-XSIAM-Administrator-Guide/Ingest-Network-Route-53-Logs-from-Amazon-S3
Definition of Done