Documentation Index

Fetch the complete documentation index at: https://docs.hunters.ai/llms.txt

Use this file to discover all available pages before exploring further.

📢 Read the latest Release Notes to learn what's new on Hunters! 💡

Supported AWS logs

Prev Next

Overview

imageAWS logs provide unique and crucial visibility into the activities and resources in an organization’s AWS environment. As Cloud environments are vastly different from regular on-prem environments, many classic security products and auditing and logging mechanisms do not exist anymore in the Cloud environment as they were, which makes the multiple logging mechanisms of AWS all the more important for defending an organization’s AWS environment.

Supported logs summary

Supported data types

3rd party detection

Hunters detection

IOC search

Search

Table name

Log format

Collection method

AWS CloudTrail logs

aws_cloudtrail

NDJSON

S3

AWS Guard Duty logs

aws_guard_duty

NDJSON

S3

AWS Cloudwatch logs

cloudwatch_logs

NDJSON

S3

AWS Config logs

aws_config

NDJSON

S3

AWS WAF logs

aws_waf

NDJSON

S3

AWS VPC Flow Logs

aws_vpc_flow_logs

CSV

S3

AWS ELB logs

aws_elb_classic

CSV

S3

AWS Inspector findings

aws_inspector_findings

NDJSON

S3

AWS EKS Control Plane Logging

aws_eks_control_manager_logs

NDJSON

S3

AWS RDS Aurora MySQL Audit Logs

aws_rds_aurora_mysql_audit_logs

CSV

S3

AWS Route 53 Logs

route53_resolver_query_logs

NDJSON

S3

AWS S3 Server Access Logs

aws_s3_server_access_logs

CSV

S3

AWS Client VPN Connection Logs

aws_client_vpn_logs

NDJSON

S3

AWS Transit Gateway Flow Logs

aws_transit_gateway_flow_logs

NDJSON

S3

AWS Network Firewall Flow Logs

aws_network_firewall_flow_logs

NDJSON

S3

AWS Network Firewall Alert Logs

aws_network_firewall_alert_logs

NDJSON

S3

💡Tip

Hunters supports AWS Control Tower.