Ingesting Cloud Custodian Logs into Sumo Logic (Part 1)

A setup for Cloud Custodian to deliver the logs into the Sumo Logic

In this story, we will discuss all the components that are required to have the logs shipped from the s3 bucket to Sumo Logic. As we all know, the Cloud Custodian does not have a GUI or front end. This is one method, where you can send the Cloud Custodian outputs to your chosen SIEM solution and parse logs to write various queries as needed. Using this approach, we are identifying all non-compliant items, comparing historical data to show the improvement over time…