Functional requirements
As a user, I can integrate Wazuh with AWS Security Lake as a source.
As a user, I can explore Wazuh events from the AWS Security Lake recommended tools (security lake queries, etc.).
As a user, I can search the AWS marketplace for source integrations and find Wazuh.
As a user, I have access to a guide on how to integrate Wazuh with Security Lake as a source.
Non-functional requirements
Our integration complies with all the AWS requirements as stated in their documentation.
Our integrations will map only essential fields from Wazuh to OCSF.
Implementation restrictions
We want to implement this integration using Logstash.
We can use AWS Lambda to transform output to Parquet, or develop a Parquet codec.
Description
Amazon Security Lake is a centralized repository of security data for AWS environments, SaaS providers, on premises, cloud sources, and third-party sources stored in your AWS account.
All the entities listed previously can read or write security lake through subscription or source integrations, respectively. Wazuh already provides an integration as a subscriber, and is listed in the Amazon Security Lake partners program.
We want to create a new integration for Amazon Security Lake, this time as a source, meaning that the designed security data hosted in wazuh-indexer will end up in the security lake for other third-party services to consume and analyze.
Plan
Tasks
This task list follows from the plan: