This solution consists of a Lambda function that is triggered by CloudWatch events carrying findings as their payload; the function then ingests those findings into a Sumo Logic HTTP endpoint.
Made with ❤️ by Sumo Logic. Available on the AWS Serverless Application Repository
- Configure a Hosted Collector in Sumo Logic, and in Advanced Options for Logs, under Timestamp Format, click Specify a format and enter the following:
  - Specify Format as yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
  - Specify Timestamp locator as .*"UpdatedAt":"(.*)".*
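As an added illustration (not code from the sumologic-aws-lambda project), the sketch below splits a findings event into one JSON line per finding and flags any finding whose UpdatedAt is not written as yyyy-MM-dd'T'HH:mm:ss.SSS'Z'. The `detail.findings` event shape, the function names, the strict reading of the format and the sample values are assumptions of this example.

```python
import json
import re
from datetime import datetime

# Strict shape of yyyy-MM-dd'T'HH:mm:ss.SSS'Z': three fractional digits, literal Z.
MILLIS_UTC = re.compile(r"\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\.\d{3}Z")


def fits_millis_utc(value):
    """True if value is a string written as yyyy-MM-dd'T'HH:mm:ss.SSS'Z'."""
    if not isinstance(value, str) or not MILLIS_UTC.fullmatch(value):
        return False
    try:
        # Reject impossible calendar values such as month 13.
        datetime.strptime(value, "%Y-%m-%dT%H:%M:%S.%fZ")
    except ValueError:
        return False
    return True


def findings_to_lines(event):
    """Split an event into one compact JSON line per finding.

    Returns (lines, flagged); flagged holds the Id of every finding whose
    UpdatedAt is missing or does not fit the configured timestamp format.
    Flagged findings are still emitted so nothing is silently dropped.
    """
    lines, flagged = [], []
    for finding in event.get("detail", {}).get("findings", []):
        if not fits_millis_utc(finding.get("UpdatedAt")):
            flagged.append(finding.get("Id"))
        lines.append(json.dumps(finding, separators=(",", ":")))
    return lines, flagged


# Constructed sample event (assumed shape; these are not real findings).
SAMPLE_EVENT = {
    "detail-type": "Security Hub Findings - Imported",
    "detail": {"findings": [
        {"Id": "finding-1", "UpdatedAt": "2020-03-22T13:22:13.933Z"},
        {"Id": "finding-2", "UpdatedAt": "2020-03-22T13:22:13Z"},
        {"Id": "finding-3", "UpdatedAt": "2020-03-22T14:22:13.933+01:00"},
        {"Id": "finding-4"},
    ]},
}

if __name__ == "__main__":
    lines, flagged = findings_to_lines(SAMPLE_EVENT)
    print(len(lines), "lines; check timestamps for:", flagged)
```

Findings that are flagged here are the ones to look at first if ingested messages show an unexpected message time in Sumo Logic.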
Deploying the SAM Application
- Open a browser window and enter the following URL: https://serverlessrepo.aws.amazon.com/applications
- In the Serverless Application Repository, search for sumologic.
- Select the Show apps that create custom IAM roles or resource policies check box.
- Click the sumologic-securityhub-collector-awsorg link, and then click Deploy.
- In the Configure application parameters panel, enter the HTTP collector endpoint previously configured. Click Deploy.
Apache License 2.0 (Apache-2.0)
Requests & issues should be filed on GitHub: https://github.com/SumoLogic/sumologic-aws-lambda/issues