Fortinet black logo

External Systems Configuration Guide

Amazon AWS EC2

Configuration

Setup in FortiSIEM

Complete these steps in the FortiSIEM UI:

  1. Go to the ADMIN > Setup > Credentials tab.
  2. In Step 1: Enter Credentials, click New.
    1. Enter the following settings from the table into the Access Method Definition dialog box:
      Note: For more information, see "Setting Credentials" in the User's Guide to create a new credential.

      SettingsDescription
      Name<set name>
      Device TypeAmazon AWS EC2
      Access ProtocolAWS SDK
      Region[Required] Region in which your AWS instance is located
      Access Key ID[Required] Access key for your AWS instance
      Secret Key[Required] Secret key for your AWS instance
      DescriptionDescription about the device

    2. Click Save.

  3. In Step 2: Enter IP Range to Credential Associations, click New.
    1. Enter "amazon.com" in the IP/Host Name field, if it does not already appear.
    2. Select the name of your AWS EC2 credential from the Credentials drop-down list if it is not already selected.
    3. Click Save.
  4. Click the Test drop-down list and select Test Connectivity to test the connection to Amazon AWS EC2.
  5. Navigate to Admin > Setup > Discovery, and click New.
    1. In the Name field, enter a name, such as "AWS_EC2".
    2. From the Discovery Type drop-down list, select AWS Scan.
    3. From the Credential drop-down list, select the credential you created, if it is not already selected.
    4. Click Save.
  6. To see the jobs associated with AWS, select ADMIN > Setup > Pull Events.
  7. To see the received events select ANALYTICS, then enter "AWS" in the search box.

Configuration

Setup in FortiSIEM

Complete these steps in the FortiSIEM UI:

  1. Go to the ADMIN > Setup > Credentials tab.
  2. In Step 1: Enter Credentials, click New.
    1. Enter the following settings from the table into the Access Method Definition dialog box:
      Note: For more information, see "Setting Credentials" in the User's Guide to create a new credential.

      SettingsDescription
      Name<set name>
      Device TypeAmazon AWS EC2
      Access ProtocolAWS SDK
      Region[Required] Region in which your AWS instance is located
      Access Key ID[Required] Access key for your AWS instance
      Secret Key[Required] Secret key for your AWS instance
      DescriptionDescription about the device

    2. Click Save.

  3. In Step 2: Enter IP Range to Credential Associations, click New.
    1. Enter "amazon.com" in the IP/Host Name field, if it does not already appear.
    2. Select the name of your AWS EC2 credential from the Credentials drop-down list if it is not already selected.
    3. Click Save.
  4. Click the Test drop-down list and select Test Connectivity to test the connection to Amazon AWS EC2.
  5. Navigate to Admin > Setup > Discovery, and click New.
    1. In the Name field, enter a name, such as "AWS_EC2".
    2. From the Discovery Type drop-down list, select AWS Scan.
    3. From the Credential drop-down list, select the credential you created, if it is not already selected.
    4. Click Save.
  6. To see the jobs associated with AWS, select ADMIN > Setup > Pull Events.
  7. To see the received events select ANALYTICS, then enter "AWS" in the search box.