In order to get Alert Logic® Log Manager™ to begin collecting Amazon Web Services (AWS) CloudTrail logs within the Alert Logic user interface (UI), you must complete two stages of action.
The first stage is setting up AWS CloudTrail, which includes enabling CloudTrail, creating an SQS Queue, creating an IAM Policy, and creating an IAM role. Details on completing all of these actions can be found within our Log Manager for AWS CloudTrail documentation.
The second stage is setting up the source in the Alert Logic UI. Details on completing this stage can be found within our Create an AWS CloudTrail Collection Source documentation.
NOTE: You will need to enable a cross-account policy and role before setting up a CloudTrail log source. Details on this can be found within our Cloud Defender AWS Cross-Account Role Configuration documentation.