In order to get Alert Logic® to begin collecting Amazon Web Services (AWS) CloudTrail logs within the Alert Logic console, you must complete two stages of action.
The first stage is setting up AWS CloudTrail, which includes enabling CloudTrail, creating an SQS Queue, creating an IAM Policy, and creating an IAM role. Details on completing all of these actions can be found within our Log Manager for AWS CloudTrail documentation.
The second stage is setting up the source in the Alert Logic console. Details on completing this stage can be found within our Create an AWS CloudTrail Collection Source documentation.
Note: You will need to enable a cross-account policy and role before setting up a CloudTrail log source. Details on this can be found within our Configure Alert Logic Cloud Defender AWS Cross-Account Role Access documentation.