New Relic provides an integration for your AWS Verified Access logs.
Features
AWS Verified Access is a tool that provides secure access to corporate applications without requiring a VPN.
Any time someone attempts to access your corporate application, a log is created, and they can be forwarded to New Relic via AWS Kinesis Firehose.
This integration monitors your Verified Access activity, including top denied IP addresses, overall count of denied and granted activity, and more.
Activate Verified Access integration
重要
To use Kinesis Firehose, you must have a Kinesis Data Firehose delivery stream already created. If you do not, you can create one by going to Amazon Kinesis Firehose feature from your AWS console, and creating a delivery stream with Destination: New Relic
.
Learn more about creating an Amazon Kinesis Data Firehose delivery stream.
To set up this integration:
- From your AWS console, navigate to the AWS VPC Service.
- From the left panel, under the AWS Verified Access dropdown, select
Verified Access instances
. - Select the ID of the instance you would like to configure.
- Select the
Verified Access instance logging configuration
tab. - Select
Modify Verified Access instance logging configuration
. - Select the
Deliver to Amazon Kinesis Data Firehose
toggle. - Select a delivery stream configured to point to New Relic.
Find and use data
You can query and explore your data in our logs UI, using a filter of metadata.product.name = Verified Access
.
This table describes the data reported from Verified Access logs. For example logs, see the AWS Verified Access log examples doc.
Field | Description |
---|---|
| The name of the activity for Verified Access. |
| Log category. In this case it will usually be |
| Names the class of the log. |
| Provides information about the device attempting to access the application, like the IP address. |
| The duration of the request. |
| The time that the the request ended. |
| Information about the request to access the application, like method, port, and hostname. |
| The response code from the request. |
| Information about the identity of the user attempting to access the application. |
| Identifier for the log. |
| The defines the source IP and port of the originating request. |
| The status of the attempted login, should be |
| The name of the type of access log. |