S3
Store c/side security alerts in AWS S3 buckets for archival, compliance, and integration with SIEM systems.
Storing notifications in S3
Use an AWS S3 bucket as a notification destination to archive alerts as JSON or CSV files. This is useful for long-term storage, compliance requirements, and integration with SIEM or log aggregation systems.
Setting up an S3 destination
- Open the dashboard and navigate to Team Settings > Notifications
- Create a new notification config or edit an existing one
- Under Send To, click Add destination and select S3
- In the Configuration panel, enter your S3 bucket details:
- S3 Bucket Name: your AWS S3 bucket name
- Region: the AWS region where your bucket is located
- Path (optional): a prefix path within the bucket to organize files
- Click Save or Save & Test
S3 bucket policy
You need to grant c/side permission to write to your S3 bucket. Apply the following bucket policy to your S3 bucket settings:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AllowCsideNotificationExport",
"Effect": "Allow",
"Action": ["s3:PutObject"],
"Resource": "arn:aws:s3:::notifications-engine-test/*",
"Principal": {
"AWS": ["arn:aws:iam::590183952644:role/prod-cside-notifications-engine-sa-role"]
}
}
]
}Important
Update the Resource field in the policy to match your S3 bucket ARN (e.g., arn:aws:s3:::your-bucket-name/*).
Alert format
Alerts are stored in the following JSON format. CSV files have the same fields in column format.
{
"type": "HASH",
"domain": "beverage.ltd",
"target": "d6647696984a8df4df40ec2d6af8602ce9e6e239707f02851cbedeec601cccf3",
"action": "alert"
} Was this page helpful?
Thanks for your feedback!