Amazon AWS S3 REST API data source parameters for Amazon AWS WAF
If the QRadar® product does not automatically detect the data source, add an Amazon AWS WAF data source in the QRadar product by using the Amazon AWS S3 REST API connector.
When you use the Amazon AWS S3 REST API connector, there are specific parameters that you must configure.
| Parameter | Value |
|---|---|
| Data source type | Amazon AWS WAF |
| Connector type | Amazon AWS S3 REST API |
| Data Source Identifier |
Type a unique name for the data source. The Data Source Identifier can be any valid value and does not need to reference a specific server. The Data Source Identifier can be the same value as the Data Source Name. If you have more than one Amazon AWS WAF data source that is configured, you might want to identify the first data source as awswaf1, the second data source as awswaf2, and the third data source as awswaf3. |
| Authentication Method | Access Key ID / Secret Key |
| Access Key | The Access key ID that you created when you configured your AWS security credentials. For more information, see Configuring security credentials for your AWS user account. |
| Secret Key | The Secret access key that you created when you configured your AWS security credentials. For more information, see Configuring security credentials for your AWS user account. |
| S3 Collection Method | SQS Event Notifications |
| SQS Queue URL | The full URL that begins with https://, for the SQS Queue that is set up to receive notifications for ObjectCreated events from S3. |
| Region Name | The region that is assigned to your Amazon AWS WAF. Example: us-east-2 |
| Event Format | LINEBYLINE |
For a complete list of Amazon AWS S3 REST API connector parameters and their values, see Amazon AWS S3 REST API connector configuration options.