With the newest version of Nava SIEM Agent, you now have the ability to retrieve Amazon S3 audit trail as well as more enhanced functionality for Google Apps audit logs.
Since then we’ve been hard at work on new features and are proud to inform our customers of the release of the newest version of Nava SIEM Agent. Today’s release includes new features, including a new source of logs (Amazon S3 audit trail) and the augmentation of existing logs (Google Apps Login events).
The new release includes:
- Amazon S3 Access Logs: If your data is stored in Amazon S3, then you may already be aware of the security value of Amazon’s access logs. The logs contain a wealth of information, including: Bucket Owner, Bucket, Time, Remote IP, Requester, and more. First, enable logging on buckets that interest you. After this, you can create a task/job in Nava SIEM Agent to retrieve the S3 logs. As usual, you have a choice of sending the logs to a text file or to Windows Event Logs.
- Google Apps Login Events: As detailed in a previous post, the Login Activity Events are some of the most important audit logs from the perspective of ensuring the security of your users. All web-based login attempts (both successful and unsuccessful) are logged, including the IP address, user name, and date/time.
- Windows Event Log Enhancements: When sending logs to Windows Event Logs, the user now has the ability to chose the name of the log as well as the ID under which to log the events.
Check the release notes for additional information.
We’re constantly working to improve the product by adding new features and increasing the usability of existing features. If you’re interested in cloud log sources that we don’t yet support, please drop us a note. We’d love to hear form you!