1 Answer
- Newest
- Most votes
- Most comments
0
Here some ideas to dig for the root cause.
- Make sure you update the AWS CloudTrail connector configuration in Azure Sentinel to account for these changes.
- Ensure that S3 data events are enabled and configured in your CloudTrail settings.
- Check if the specific "CopyObject" events are included in the CloudTrail logs you are sending to Azure Sentinel. These events might be categorized differently or may have specific attributes that need to be parsed and queried.
- Check for any errors or issues related to log ingestion. You may need to troubleshoot and resolve any connectivity problems.
answered 6 months ago
Relevant content
- asked 4 months ago
- asked 2 years ago
- asked 7 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago