Please use this integration guide to configure CloudTrail log alerts so they can be received in Squadcast. This integration should be used only for getting CloudTrail log alerts via a SNS endpoint.
For CloudTrail alerts, use the AWS CloudTrail via CloudWatch integration.
For regular AWS CloudWatch alarms (like EC2 alerts), use the AWS CloudWatch Integration.
On the Sidebar, click on Services.
You can either navigate to an existing service or make a new one by clicking on “Add Service”.
Check the service details like name, description, and the associated escalation policy for this service and make sure it is correctly entered.
From the integration types drop down select the integration type as “AWS CloudTrail logs via SNS”. You will be shown your AWS CloudTrail Alarm Endpoint and click Save.
Now log in to your AWS account and proceed to SNS.
Click on "Create topic" to get "Create new topic" dialog box. Fill in the details as per your requirements and then click on "Create topic"
Now inside the topic, click on "Create subscription" to get "Create subscription" dialog box. Select the protocol as "HTTPS" and in the endpoint enter the URL you obtained from previous step. Finally, click on "Create subscription" to create the subscription.
The "Subscription ID" for the subscription should to "Confirmed" immediately change from "PendingConfirmation". Click on the refresh button to verify the same.
Then you can configure your CloudTrail log alerts and assign this topic as the notification option and you are good to go.
Updated 7 months ago