Cisco Umbrella
Cisco Umbrella Logs are delivered over a Cisco Managed AWS S3 bucket. These are downloaded by the FoxTech SOC, using credentials provided by Cisco Umbrella.
Configuration
Follow the Cisco Umbrella guide linked below to configure logging to S3.
https://docs.umbrella.com/deployment-umbrella/docs/cisco-managed-s3-bucket
Choose a retention period of 7 days.
Then provide the following information to FoxTech:
- Data Path
- Access Key
- Secret Key