Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

XSIAM: VPC Flow log custom filters #6169

Closed
9 tasks
sj-williams opened this issue Sep 16, 2024 · 0 comments
Closed
9 tasks

XSIAM: VPC Flow log custom filters #6169

sj-williams opened this issue Sep 16, 2024 · 0 comments
Assignees
@kyphutruong

Comments

@sj-williams
Copy link
Contributor

sj-williams commented Sep 16, 2024
edited
Loading

Background

We have been asked to update the flow log export config for XSIAM, see here for details:

https://docs-cortex.paloaltonetworks.com/r/Cortex-XSIAM/Cortex-XSIAM-Administrator-Guide/Ingest-Network-Flow-Logs-from-Amazon-S3

Slack thread:
https://mojdt.slack.com/archives/C57UPMZLY/p1726212864331239

MP have a similar setup already done in terraform, we can borrow from them:

https://github.com/ministryofjustice/modernisation-platform/blob/e303e8d50a57eced89f0d96ac161999938e15a14/terraform/environments/core-network-services/firewall.tf#L59

Proposed user journey

Approach

Which part of the user docs does this impact

Communicate changes

  • post for #cloud-platform-update
  • Weeknotes item
  • Show the Thing/P&A All Hands/User CoP
  • Announcements channel

Questions / Assumptions

Definition of done

  • readme has been updated
  • user docs have been updated
  • another team member has reviewed
  • smoke tests are green
  • prepare demo for the team

Reference

How to write good user stories
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kyphutruong kyphutruong

Labels
None yet
Projects
Cloud Platform
Archived in project
Milestone
No milestone
Development

No branches or pull requests
2 participants
@kyphutruong @sj-williams