Configuring an AWS Verified Access log source by using the Amazon AWS S3 REST API protocol

If you want to collect AWS Verified Access logs from Amazon S3 buckets, configure a log source on the QRadar Console so that AWS Verified Access can communicate with QRadar by using the Amazon AWS S3 REST API protocol.

Procedure

  1. If automatic updates are not enabled, download and install the most recent version of the following RPMs from the IBM® Support Website onto your QRadar Console.
    • Protocol Common RPM
    • Amazon AWS S3 REST API Protocol RPM
    • DSMCommon RPM
    • Amazon Web Service RPM
    • AWS Verified Access DSM RPM
  2. Choose which method that you want to use to configure an AWS Verified Access log source by using the Amazon AWS S3 REST API protocol.