Enabling UEBA for AWS CloudTrail

Enabling UEBA for AWS CloudTrail

You can simultaneously add multiple AWS accounts in a single region to your Netskope tenant.

To configure your AWS accounts for UEBA,

  1. Make a list of AWS accounts with CloudTrail logs you want to configure for UEBA. The list must include account numbers and account names. Optionally, you can also include email addresses associated with the account.

    Note

    Netskope recommends using the same account name as the AWS account alias. If an account alias is not available for the AWS account, then provide an account name for the AWS account.

    You can use AWS CLI to generate the list of AWS accounts as a CSV file. To learn more, see “Creating a CSV file” in Step 1/2: Configure AWS Accounts & Services for UEBA.

  2. In the Netskope UI go to Settings > Configure App Access > Classic > IaaS. Click Setup.
  3. Follow the instructions in the following sections.

Note

If you have existing AWS accounts that were configured using the old set up process, you can migrate them using the instructions in Migrating existing AWS accounts to the new set up.

Migrating to the new setup will enable you to automatically add new AWS accounts into Netskope.

Share this Doc

Enabling UEBA for AWS CloudTrail

Or copy link

In this topic ...