Skip to main content Link Menu Expand (external link) Document Search Copy Copied

Fluency Interface Configuration

Table of contents
  1. Fluency Web interface
    1. AWS CloudTrail / AWS CloudWatch Logs
      1. AWS CloudTrail
      2. AWS CloudWatch
    2. Fluency AWS ResourceWatch

The previous pages in this section guides the user to set up the required components of the AWS integrations on AWS’s web console. With that set-up complete, and the required information in hand, the user can then log into Fluency to complete the integration ‘plugin’ configuration.

Links

Please refer to the other pages in this section for specifics on cofiguring AWS services:

AWS CloudTrail / CloudWatch Logs: Setup Guide via CloudFormation.

Fluency AWS ResourceWatch Integration Guide to Fluency AWS ResourceWatch

Billing Report: Integration Guide to AWS Billing Reports

Simple Queue Service (SQS): Setup Guide for AWS SQS

Fluency Web interface

Login to the Fluency Cloud portal: https://companyname.cloud.fluencysecurity.com.

Open the main dropdown menu and choose the Cloud Integrations option under the Data Ingress section.

On the following page, navigate to the Cloud Infrastructure as a Service section.

To Add an integration for a plugin, choose the corresponding icon from the group on the left side of the page to create a new AWS integration endpoint.

Jump to - AWS CloudTrail / AWS CloudWatch Logs.

Jump to - Fluency AWS ResourceWatch.

NOTE: If an integration endpoint was setup previously, you can also select and modify it from the rigt side of the page.

AWS CloudTrail / AWS CloudWatch Logs

To Add an integration for AWS CloudWatch/CloudTrail, choose the AWS icon from the group on the left side of the page to create a new AWS integration endpoint.

In the pop-up window, give the integration a short name (or choose default), and choose the Save button to add the integration endpoint. The value will be used within Fluency interface only to distinguish the different integrations. It is suggested to avoid using spaces in this field.

Select the AWS integration endpoint from the list on the right side of the page, in the same Cloud Infrastructure as a Service section. Choose the pencil icon to edit/configure the connector.

On the plugin configuration page, select the + New User button in the upper left.

Using the IAM credentials from the previous step, fill out the required information. Click Save to add the IAM User.

AWS CloudTrail

Select the + New CloudTrails button, under the Users section.

Fill out the required information, using the information from the previous steps. Provide the Queue URL and select the IAM User created above.

Make use of the Test Connection button, to test the IAM configurations prior to saving.

If an error is encountered, like the one shown below, please verify the IAM user has the proper Access policy.

A successful test will return the following message:

Click “Save” to add the CloudTrail.

This completes the procedures to export AWS CloudTrail logs to Fluency. Your data will be available in Fluency’s Events Search shortly.

AWS CloudWatch

Select the + New CloudWatch button, under the Users/CloudTrail section.

Fill out the required information, using the information from the previous steps.

Provide a Name for this integration. Choose the AWS region for this CloudWatch, and select the IAM User (with CloudWatch Read permissions) created above.

Once these fields are populated, the Log Groups field should become a dropdown populated with your available CloudWatch log groups. Select the group(s) you would like to ingress data from.

Fluency AWS ResourceWatch

To Add an integration for Fluency AWS ResourceWatch, choose the AWS ResourceWatch icon from the group on the left side of the page to create a new AWS integration endpoint.

In the pop-up window, give the integration a short name (or choose default). The value will be used within Fluency interface only to distinguish the different integrations. It is suggested to avoid using spaces in this field.

Enter the IAM credentials from the previous step, and select the applicable AWS Region(s) for your deployment. Use the Proceed button to add the integration endpoint.

Select the AWSResourceWatch integration endpoint from the list on the right side of the page, in the same Cloud Infrastructure as a Service section. Choose the pencil or gear icon to edit/view/configure the connector.

Once completed, the integration outputs (AWS Resources) can be seen from the Main Menu, under the Resources section. Select the AWS option.

Page last updated: 2022 Dec 13