Centralized cloud logging and monitoring is a crucial aspect of enterprise multicloud environments. Pulling cross-cloud events into a central SIEM / SOAR solution offers a consolidated view of all important logs and events generated across various accounts and regions, providing a single point of log access and an opportunity for log correlation.
In this webcast, join the authors of SEC549: Cloud Security Architecture to explore the push and pull logging architecture used by Microsoft Sentinel to ingest cross-cloud audit logs. Attendees will see the log journey from both AWS CloudTrail and Google Cloud Audit Logs into Microsoft Sentinel and learn some fun Kusto Query Language (KQL) queries to investigate cloud events.
Learning Objectives:
This webcast is based on content from SANS Institute SEC549: Cloud Security Architecture. Whether they are planning for the first workload, managing complex legacy environments, or operating in an advanced cloud-native ecosystem, SEC:549 teaches cyber security professionals how to design an enterprise-ready, scalable cloud organization. Click here for more information about SEC549 and access to the free Course Demo.