The Amazon S3 Audit Source, also called Server Access Logging, tracks and collects your Amazon S3 bucket's activity logs. Each access log record provides details about a single access request, such as the requester, bucket name, request time, request action, response status, and error code, if any. Add an Amazon S3 Audit Source to upload these messages to Sumo Logic.
To configure an Amazon S3 Audit Source:
- Grant Sumo Logic access to an Amazon S3 bucket.
- Enable logging in AWS using the Amazon Console.
- Confirm that logs are being delivered to the Amazon S3 bucket.
- Add an AWS Source for the S3 Audit Source to Sumo Logic. See below for detailed steps.
- Optional: Install the Sumo Logic App for S3 Audit.
See AWS Sources for full details on setting up and configuring.