Cribl Onboarding Guide
How to redact sensitive log data using AWS S3, Cribl, and Panther
The process outlined in this guide outlines how to redact sensitive log data using Cribl Cloud or Cribl Self-Hosted, working specifically within Amazon Web Services (AWS) S3 buckets and Panther. Broadly we will:
- Authenticate an S3 Bucket in Cribl, with examples of the manual method and Event Breakers.
- Configure an AWS S3 source and destination using a JSON data format.
- Provide examples of JSON events, using pre and post-Cribl masks.
- 1.Log into Cribl. On the left-hand side, navigate to Groups. Then at the top of the page click the Routing drop down and select Quick Connect.