AWS Simple Queue Service (SQS)
Support Added: FortiSIEM 6.5.0
Vendor Version Tested: Not Provided
Product: Amazon Simple Queue Service (SQS)
Product Information: https://aws.amazon.com/sqs/
What is Discovered and Monitored
|Protocol||Information Discovered||Metrics Collected||Used For|
|AWS SQS||service logs||Log analysis|
In ADMIN > Device Support > Event Types, search for "aws sqs" to see the event types associated with this device.
There are no specific rules available for AWS SQS.
There are no specific reports available for AWS SQS.
Setup in FortiSIEM
Complete these steps in the FortiSIEM UI:
- Go to the ADMIN > Setup > Credentials tab.
- In Step 1: Enter Credentials:
- Follow the instructions in "Setting Credentials" in the User's Guide to create a new credential.
- Enter these settings in the Access Method Definition dialog box:
Note: Make sure no other devices use the same credential, otherwise events may appear missing.
Settings Description Name Enter a name for the credential Device Type Amazon AWS SQS Access Protocol AWS SQS Region The region in which your AWS instance is located . SQS Queue URL Provide the full URL, for example:
The interval in which FortiSIEM will pull events from AWS SQS. Default is 5 minutes.
Password Config See Password Configuration. Access Key ID The access key for your EC2 instance Secret Key The secret key for your EC2 instance
Confirm Secret Key
Enter the secret key for validation.
If you provided an access key, you can leave this field blank.
Select an organization from the drop-down list.
Description Description about the device
- In Step 2: Enter IP Range to Credential Associations, click New.
- Enter a host name, an IP, or an IP range in the IP/Host Name field.
- Select the name of your credential from the Credentials drop-down list.
- Click Save.
- Click the Test drop-down list and select Test Connectivity to test the connection to AWS SQS.
- To see the jobs associated with AWS SQS, select ADMIN > Setup > Pull Events.
- To see the received events select ANALYTICS, then enter "AWS" in the search box.