Support
 
Phone Get Quote
 
Support
 
US Sales: +1 888 720 9500
US Support: +1 844 245 1108
Intl: +1 925 924 9500
Aus: +1 800 631 268
UK: 0800 028 6590
CN: +86 400 660 8680

Direct Inward Dialing: + 1 408 454 4213

 
 

Amazon S3 log management

Amazon Simple Storage Service (S3) is a quick and cost effective way to store data. S3 server access logs record data access and contain details of each request, such as the request type, the resources specified in the request, and the time and date the request was processed. These logs are written to an S3 bucket once access logging is enabled. By granting Cloud Security Plus read access to this S3 bucket, the logs are processed and presented as S3 traffic analysis reports, which are useful in:

  • Security or access audits
  • Understanding data access patterns
  • Error conditions

Amazon S3 traffic analysis reports

All S3 access requests: Details of every data request made to any S3 bucket added in the Cloud Security Plus console.

All S3 access requests

Error access requests

Error access requests: Shows inaccurate requests that have been made by a user, with details of the error code and corresponding HTTP error code.

Failed requests with error codes: Displays requests that couldn't be executed due to errors.

Requests based on remote IP: Displays requests made by a particular remote IP.

Requests based on operation: Gives report results that are based on the data request operation entered in a given field. For example, if "REST.GET.OBJECT" is entered, then only the corresponding requests are displayed.

Requests based on HTTP status: Presents results that correspond to a particular HTTP status code. For example, if the HTTP status code 404 is entered, the results display unsuccessful requests ("Not Found").

Detailed S3 traffic analysis reports

These reports provide information on:

  • Data requests:
    • GET - Request to access an object.
    • PUT - Request permission to add data to a resource and make it available via URL.
    • LIST - Request to view the contents of a resource.
    • DELETE - Request privileges to remove a resource.

Event Details

  • The remote IP from which the request was sent.
  • The identity of the user who made a request.
  • The total number of times a particular request was made by a specific user.
  • The bucket where a resource is located.
  • The Unique Resource Identifier (URI) of requested resources.
  • Individual event details.

Are you looking for a unified SIEM solution that can help you gain insights into your Amazon S3 data access patterns? Try Log360 today!

  Free 30-day trial  Request demo
© 2022 Zoho Corporation Pvt. Ltd. All rights reserved.