Knowledge Base Community Release Notes Request Demo

Overview
Quick Start
- Onboarding Guide
Data Sources & Transports
Detections
Cloud Security Scanning
- Cloud Resource Attributes
  - AWS
    ACM Certificate
    CloudFormation Stack
    CloudWatch Log Group
    CloudTrail
    CloudTrail Meta
    Config Recorder
    Config Recorder Meta
    DynamoDB Table
    EC2 AMI
    EC2 Instance
    EC2 Network ACL
    EC2 SecurityGroup
    EC2 Volume
    EC2 VPC
    ECS Cluster
    EKS Cluster
    ELBV2 Application Load Balancer
    GuardDuty Detector
    GuardDuty Detector Meta
    IAM Group
    IAM Policy
    IAM Role
    IAM Root User
    IAM User
    KMS Key
    Lambda Function
    Password Policy
    RDS Instance
    Redshift Cluster
    Route 53 Domains
    Route 53 Hosted Zone
    S3 Bucket
    WAF Web ACL
Alerts & Destinations
Investigations & Search
PantherFlow (Beta)
Enrichment
Panther AI (Beta)
System Configuration
Panther Developer Workflows
Resources
- Help
- Panther System Architecture

Powered by GitBook

On this page

Was this helpful?

Last updated 10 months ago

Was this helpful?

Overview

Panther supports log ingestion from the following Amazon Web Services (AWS) services:

Beyond these natively supported AWS log sources, Panther also supports log ingestion from any other services via our AWS data transports: , , and .

Panther-built detections

Querying logs in Data Explorer

Cloud Security Scanning for AWS resources

In addition to log monitoring, we recommend using Panther's to detect misconfigurations in your AWS environment.

See Panther's prewritten AWS rules in .

See example SQL queries, for use in Panther's , on the following pages:

Beyond monitoring your AWS logs, we recommend onboarding your AWS environment as a Cloud Account for . Cloud Security Scanning checks your cloud resources against you've defined to identify and alert you to vulnerabilities in your AWS environment. Panther also comes with several based on common cloud infrastructure misconfigurations.

To learn more about how to set up Cloud Security Scanning for AWS, see .

Data Sources & Transports

Supported Logs

AWS Logs

Connecting AWS logs to your Panther Console

PreviousAuth0 Logs NextAWS ALB

Overview
Panther-built detections
Querying logs in Data Explorer
Cloud Security Scanning for AWS resources

AWS Security Hub

Amazon Security Lake

AWS Transit Gateway

CloudWatch Logs Source

the panther-analysis Github repository

CloudTrail logs queries

GuardDuty logs queries

S3 Access logs queries

VPC Flow logs queries

Cloud Security Scanning

built-in policies

Cloud Security Scanning

Onboarding the Cloud Account in Panther