Fortinet black logo

External Systems Configuration Guide

AWS EC2

Amazon AWS EC2

What is Discovered and Monitored

Event Types

Reports

Configuration

Setup in FortiSIEM

Complete these steps in the FortiSIEM UI:

  1. Go to the ADMIN > Setup > Credentials tab.
  2. In Step 1: Enter Credentials:
    1. Follow the instructions in “Setting Credentials“ in the User's Guide to create a new credential.
    2. Enter these settings in the Access Method Definition dialog box:

      SettingsDescription
      Name<set name>
      Device TypeAmazon AWS EC2
      Access ProtocolAWS SDK
      Region[Required] Region in which your AWS instance is located
      Access Key ID[Required] Access key for your AWS instance
      Secret Key[Required] Secret key for your AWS instance
      DescriptionDescription about the device
  3. In Step 2, Enter IP Range to Credential Associations:
    1. Select the name of your credential from the Credentials drop-down list.
    2. Enter a host name, an IP, or an IP range in the IP/Host Name field.
    3. Click Save.
  4. Click Test to test the connection to Amazon AWS EC2.
  5. To see the jobs associated with AWS, select ADMIN > Pull Events.
  6. To see the received events select ANALYTICS, then enter AWS in the search box.

Amazon AWS EC2

What is Discovered and Monitored

Event Types

Reports

Configuration

Setup in FortiSIEM

Complete these steps in the FortiSIEM UI:

  1. Go to the ADMIN > Setup > Credentials tab.
  2. In Step 1: Enter Credentials:
    1. Follow the instructions in “Setting Credentials“ in the User's Guide to create a new credential.
    2. Enter these settings in the Access Method Definition dialog box:

      SettingsDescription
      Name<set name>
      Device TypeAmazon AWS EC2
      Access ProtocolAWS SDK
      Region[Required] Region in which your AWS instance is located
      Access Key ID[Required] Access key for your AWS instance
      Secret Key[Required] Secret key for your AWS instance
      DescriptionDescription about the device
  3. In Step 2, Enter IP Range to Credential Associations:
    1. Select the name of your credential from the Credentials drop-down list.
    2. Enter a host name, an IP, or an IP range in the IP/Host Name field.
    3. Click Save.
  4. Click Test to test the connection to Amazon AWS EC2.
  5. To see the jobs associated with AWS, select ADMIN > Pull Events.
  6. To see the received events select ANALYTICS, then enter AWS in the search box.