Configuring AWS Account Monitoring

Configuration Guide

Overview

This document outlines how to configure your Amazon Web Services (AWS) accounts for Arctic Wolf® to monitor.

Standard AWS configuration

Complete these procedures in order for each of your AWS accounts:

  1. Providing AWS Credentials to Arctic Wolf
  2. Configuring AWS CloudTrail Event Monitoring
  3. Configuring Amazon GuardDuty Monitoring
  4. (Optional) Configuring AWS S3 Bucket Log Monitoring and/or Configuring AWS WAF Log Monitoring

    Tip: Optional configurations provide additional monitoring that you may find useful, depending on your AWS environment.

Changing existing AWS configurations

To change existing AWS configurations, follow the Updating AWS CloudFormation Stacks instructions.

Supported AWS regions

Arctic Wolf can monitor these AWS regions:

Region Name Region
US East (N. Virginia) us-east-1
US East (Ohio) us-east-2
US West (N. California) us-west-1
US West (Oregon) us-west-2
Canada (Central) ca-central-1
South America (São Paulo) sa-east-1
EU (Ireland) eu-west-1
EU (London) eu-west-2
EU (Paris) eu-west-3
EU (Frankfurt) eu-central-1
EU (Stockholm) eu-north-1
Asia Pacific (Mumbai) ap-south-1
Asia Pacific (Seoul) ap-northeast-2
Asia Pacific (Singapore) ap-southeast-1
Asia Pacific (Sydney) ap-southeast-2
Asia Pacific (Tokyo) ap-northeast-1