2 Answers
- Newest
- Most votes
- Most comments
0
Hi,
In principle, you should move security hub logs to an s3 bucket of choice, and then use Athena to query from that bucket.
You can check these out:
- https://github.com/aws-samples/aws-security-hub-findings-export
- https://aws.amazon.com/blogs/security/export-historical-security-hub-findings-to-an-s3-bucket-to-enable-complex-analytics/
Hope it helps ;)
0
Hey there!
You can use the new service, Amazon Security Lake, which automatically sends security hub findings to an S3 bucket and sets up Athena for you.
For more details, see here: https://docs.aws.amazon.com/security-lake/latest/userguide/internal-sources.html
answered a year ago
Relevant content
- Accepted Answerasked 7 months ago
- asked a year ago
- asked 5 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 10 months ago