Network ACL Analytics in
Monitor your Amazon Web Services (AWS) network infrastructure for bad configurations and malicious activity. Investigative searches help you probe deeper, when the facts warrant it.
Network ACLs Dashboard
Use the Network ACLs Dashboard to monitor the network ACL activity in your AWS environment, including error events, the number of Network ACLs, activity over time, and the detailed list of error activities.
- From the menu bar, select Cloud Security.
- Click Network ACLs.
The Network Dashboard includes the following panels:
Panel | Source Type | Datamodel |
---|---|---|
Error Events | aws:cloudtrail
|
datamodel=Change.All_Changes
|
Network ACL Actions | aws:cloudtrail
|
datamodel=Change.All_Changes
|
Network ACL Activity Over Time | aws:cloudtrail
|
datamodel=Change.All_Changes
|
Most Recent Network ACLs Activity | aws:cloudtrail
|
datamodel:"Change"."Network_Changes"
|
Network ACL Error Activity | aws:cloudtrail
|
datamodel:"Change"."Network_Changes"
|
User and Authentication Activity in | AWS Access Analyzer in |
This documentation applies to the following versions of Splunk® Enterprise Security: 7.0.1, 7.0.2, 7.1.0, 7.1.1, 7.1.2, 7.2.0, 7.3.0, 7.3.1, 7.3.2
Feedback submitted, thanks!