Configuring an Amazon AWS Config log source by using the Amazon AWS S3 REST API protocol

If you want to collect AWS Config logs from Amazon S3 buckets, configure a log source on the QRadar Console so that AWS Config can communicate with QRadar by using the Amazon AWS S3 REST API protocol.

1. If automatic updates are not enabled, download and install the most recent version of the following RPMs from the IBM Support Website onto your QRadar Console.
   • Protocol Common RPM
   • Amazon AWS S3 REST API Protocol RPM
   • DSM Common RPM
   • Amazon Web Service RPM
   • AWS Config DSM RPM

   • Select a method to configure an AWS Config log source by using the Amazon AWS S3 REST API protocol.
2. Select one of the following methods to configure an AWS Config log source by using the Amazon AWS S3 REST API protocol.
   • Configuring an AWS Config log source that uses an S3 bucket with an SQS queue.
   • Configuring an AWS Config log source that uses an S3 bucket with a directory prefix.