Enabling UEBA for AWS CloudTrail
Enabling UEBA for AWS CloudTrail
You can simultaneously add multiple AWS accounts in a single region to your Netskope tenant.
To configure your AWS accounts for UEBA,
- Make a list of AWS accounts with CloudTrail logs you want to configure for UEBA. The list must include account numbers and account names. Optionally, you can also include email addresses associated with the account.
Note
Netskope recommends using the same account name as the AWS account alias. If an account alias is not available for the AWS account, then provide an account name for the AWS account.
You can use AWS CLI to generate the list of AWS accounts as a CSV file. To learn more, see “Creating a CSV file” in Step 1/2: Configure AWS Accounts & Services for UEBA.
- In the Netskope UI go to Settings > Configure App Access > Classic > IaaS. Click Setup.
- Follow the instructions in the following sections.
Note
If you have existing AWS accounts that were configured using the old set up process, you can migrate them using the instructions in Migrating existing AWS accounts to the new set up.
Migrating to the new setup will enable you to automatically add new AWS accounts into Netskope.