Fortinet white logo
Fortinet white logo

External Systems Configuration Guide

Amazon AWS EC2

Amazon AWS EC2

Configuration

Setup in FortiSIEM

Complete these steps in the FortiSIEM UI:

  1. Go to the ADMIN > Setup > Credentials tab.
  2. In Step 1: Enter Credentials, click New.
    1. Enter the following settings from the table into the Access Method Definition dialog box:
      Note: For more information, see "Setting Credentials" in the User's Guide to create a new credential.

      SettingsDescription
      Name<set name>
      Device TypeAmazon AWS EC2
      Access ProtocolAWS SDK
      Region[Required] Region in which your AWS instance is located
      Access Key ID[Required] Access key for your AWS instance
      Secret Key[Required] Secret key for your AWS instance
      DescriptionDescription about the device

    2. Click Save.

  3. In Step 2: Enter IP Range to Credential Associations, click New.
    1. Enter "amazon.com" in the IP/Host Name field, if it does not already appear.
    2. Select the name of your AWS EC2 credential from the Credentials drop-down list if it is not already selected.
    3. Click Save.
  4. Click the Test drop-down list and select Test Connectivity to test the connection to Amazon AWS EC2.
  5. Navigate to Admin > Setup > Discovery, and click New.
    1. In the Name field, enter a name, such as "AWS_EC2".
    2. From the Discovery Type drop-down list, select AWS Scan.
    3. From the Credential drop-down list, select the credential you created, if it is not already selected.
    4. Click Save.
  6. To see the jobs associated with AWS, select ADMIN > Setup > Pull Events.
  7. To see the received events select ANALYTICS, then enter "AWS" in the search box.

Amazon AWS EC2

Amazon AWS EC2

Configuration

Setup in FortiSIEM

Complete these steps in the FortiSIEM UI:

  1. Go to the ADMIN > Setup > Credentials tab.
  2. In Step 1: Enter Credentials, click New.
    1. Enter the following settings from the table into the Access Method Definition dialog box:
      Note: For more information, see "Setting Credentials" in the User's Guide to create a new credential.

      SettingsDescription
      Name<set name>
      Device TypeAmazon AWS EC2
      Access ProtocolAWS SDK
      Region[Required] Region in which your AWS instance is located
      Access Key ID[Required] Access key for your AWS instance
      Secret Key[Required] Secret key for your AWS instance
      DescriptionDescription about the device

    2. Click Save.

  3. In Step 2: Enter IP Range to Credential Associations, click New.
    1. Enter "amazon.com" in the IP/Host Name field, if it does not already appear.
    2. Select the name of your AWS EC2 credential from the Credentials drop-down list if it is not already selected.
    3. Click Save.
  4. Click the Test drop-down list and select Test Connectivity to test the connection to Amazon AWS EC2.
  5. Navigate to Admin > Setup > Discovery, and click New.
    1. In the Name field, enter a name, such as "AWS_EC2".
    2. From the Discovery Type drop-down list, select AWS Scan.
    3. From the Credential drop-down list, select the credential you created, if it is not already selected.
    4. Click Save.
  6. To see the jobs associated with AWS, select ADMIN > Setup > Pull Events.
  7. To see the received events select ANALYTICS, then enter "AWS" in the search box.