Splunk® Enterprise Security

Use Splunk Enterprise Security

Network ACLs dashboard

Monitor your Amazon Web Services (AWS) network infrastructure for bad configurations and malicious activity. Investigative searches help you probe deeper when the facts warrant it.

Use the Network ACLs dashboard to monitor the network ACL activity in your AWS environment, including error events, the number of network ACLs, activity over time, and the detailed list of error activities.

  1. From the menu bar, select Analytics and then Cloud Security.
  2. Select Network ACLs.

The Network ACLs dashboard includes the following panels:

Panel Source Type Datamodel
Error events aws:cloudtrail datamodel=Change.All_Changes

nodename=All_Changes.Network_Changes

Network ACL actions aws:cloudtrail datamodel=Change.All_Changes

nodename=All_Changes.Network_Changes

Network ACL activity over time aws:cloudtrail datamodel=Change.All_Changes

nodename=All_Changes.Network_Changes

Most recent network ACLs activity aws:cloudtrail datamodel:"Change"."Network_Changes"
Network ACL error activity aws:cloudtrail datamodel:"Change"."Network_Changes"
Last modified on 12 September, 2024
IAM activity dashboard   Access analyzer dashboard

This documentation applies to the following versions of Splunk® Enterprise Security: 8.0.0, 8.0.1


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters