AWS Verified Access

The IBM® QRadar® DSM for AWS Verified Access supports events that are collected from Amazon S3 buckets, and from a Log group in the AWS Verified Access Logs.

Before you can integrate AWS Verified Access Logs with QRadar, you need to enable Verfied Access logs on the Amazon VPC console. To enable Verified Access logs, you must have permissions for delivery to Amazon S3.

For more information about permissions for delivery to Amazon S3 and enabling AWS Verified Access logs, go to the Enable Access Logs documentation on the Amazon website (https://docs.aws.amazon.com/verified-access/latest/ug/access-logs-enable.html).

Tip: When you enable Verified Access Logs, select the option to enable delivery to Amazon S3.